1.0 DEFINITIONS AND INTERPRETATION
|Data||collectively all information that you submit to MX Publishing Limited via the Website. This definition incorporates, where applicable, the definitions provided in the Data Protection Laws;|
|Cookies||a small text file placed on your computer by this Website when you visit certain parts of the Website and/or when you use certain features of the Website. Details of the cookies used by this Website are set out in our Cookies Policy and Schedule.|
|Data Protection Laws||any applicable law relating to the processing of personal Data, including but not limited to the Directive 96/46/EC (Data Protection Directive) or the GDPR, and any national implementing laws, regulations and secondary legislation, for as long as the GDPR is effective in the UK;|
|GDPR||the General Data Protection Regulation (EU) 2016/679;|
|MX Publishing Limited, we, us or our||MX Publishing Limited, a company incorporated in England and Wales with registered number 06003854 whose registered office is at 335 Princess Park Manor, Royal Drive, London, N11 3GX;|
|UK and EU Cookie Law||the Privacy and Electronic Communications (EC Directive) Regulations 2003 as amended by the Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011;|
|User or you||any third party that accesses the Website and is not either (i) employed by MX Publishing Limited and acting in the course of their employment or (ii) engaged as a consultant or otherwise providing services to MX Publishing Limited and accessing the Website in connection with the provision of such services; and|
|Website||the website that you are currently using, mxpublishing.com, and any sub-domains of this site unless expressly excluded by their own terms and conditions.|
- the singular includes the plural and vice versa;
- a reference to a person includes firms, companies, government entities, trusts and partnerships;
- "including" is understood to mean "including without limitation";
- reference to any statutory provision includes any modification or amendment of it;
For purposes of the applicable Data Protection Laws, MX Publishing Limited is the "data controller". This means that MX Publishing Limited determines the purposes for which, and the manner in which, your Data is processed. T o make our policy as clear and easy to understand as possible, we've included both a summary version of the main points plus the policy statement in full.
- Most of the information we store is required for you to buy something from us - like your name and address.
- We also keep some information to help you find the products you're looking for, all part of providing the best online shopping experience. This information includes whether you’ve been a customer of ours before, what you bought and how you found us.
- Any personal data we hold about you is encrypted and has restricted access within our business. We delete customer data for people who are no longer customers after 4 years.
- We don’t share your data with any other company who might want to sell you something.
- We may share limited data with other companies to help with our own marketing. They are not permitted to share it with anyone else.
- We make it easy to opt out of each bit of data collection we do, apart from the stuff we have to legally keep. Just email us at email@example.com to make this happen. You can also delete your entire account, if you want to.
4.1. KEEPING YOUR DATA SECURE:
Our site is managed on the industry-leading, highly secure and PCI compliant Shopify Platform. Shopify’s compliance covers all six PCI standard categories and applies to every store using our platform including: maintaining a secure network, protecting cardholder data, maintaining a vulnerability management program, implementing strong access control measures, regularly monitoring and testing networks and maintaining an information security policy.
All credit card transactions on our website are secured by industry standard encryption. All credit card transactions are processed by Braintree's PayPal Express Checkout or Shopify Payments on behalf of Gem Sleuth.
If you suspect any misuse or loss or unauthorised access to your Data, please let us know immediately by contacting us at firstname.lastname@example.org. And, if you'd like more detailed information from "Get Safe Online" on how to protect your information please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
4.2. WHAT INFORMATION WE COLLECT:We collect the following information via our website;
any personal details you type in and submit, such as name, address, email address, this is primarily used to process orders. Data collected may also be used to make sure you see the products most relevant to your interests getting you to the stuff you want as fast as possible.
your IP address (this is a string of numbers representing your computer on the internet kind of like a digital postal address), which is automatically logged by our web server. This is used to note your interest in our website for statistical purposes, and may be combined with other personal data such as your web browser type, operating system and a list of referral, in session and exit URLS to identify your browsing behaviour.
your email preferences - if you want to hear from us! We will combine order and browsing data to make sure you get emails tailored to you.
Browsing data includes session information stored in cookies used to ensure the correct data is extracted from the database when you use our website. For more information on the cookies we use on this site, please refer to our cookies policy
we do not hold sensitive payment details such as your card number, expiry date and security code. All credit and debit card payments are handled through our two secure third party payment processors - Braintree and Shopify Payments. Please refer to their respective privacy policies.
4.3. HOW WE COLLECT THIS INFORMATION:
We collect Data in the following three ways (1) data is given to us by you (2) data received from third party sources and (3) data is collected automatically.
- when you contact us through the Website, by telephone, post, e-mail or through any other means;
- when you register with us and set up an account to receive our products/services;
- when you complete surveys that we use for research purposes (although you are not obliged to respond to them);
- when you enter a competition or promotion through a social media or crowd-funding channel;
- when you make payments to us through this Website. This data is fully encrypted with Braintree's PayPal Express Checkout or Shopify Payments processing credit card transactions on our behalf;
- when you elect to receive marketing communications from us; when you browse our website and use our services;
Data that is collected automatically: To the extent that you access the Website, we will collect your Data automatically, for example: we automatically collect some information about your visit to the Website. This information helps us to make improvements to Website content and navigation, and includes your IP address, the date, times and frequency with which you access the Website and the way you use and interact with its content. we will collect your Data automatically via cookies, in line with the cookie settings on your browser. For more information about cookies, and how we use them on the Website, see the section below, headed "Cookies".
4.4. WHAT WE DO WITH YOUR INFORMATION
Any or all of the above Data may be required by us from time to time in order to provide you with the best possible service and experience when using our Website. In all cases, the use of your data is in accordance with the General Data Protection Regulation (GDPR) and other applicable laws.
- to process your order & provide after-sales service
- improvement of our products / services
- to comply with legal requirements
- to keep you up-to-date with our latest offers
- to offer you the most personalised and relevant service we possibly can
- to make sure that our advertising and marketing is relevant to you, and delivered at a time, in a manner, and on the types of channels you prefer
- contact for market research purposes which may be done using email, telephone or mail. Such information may be used to customise or update the Website;
We may use your Data for the above purposes if we deem it necessary to do so for our legitimate interests. If you are not satisfied with this, you have the right to object in certain circumstances (see the section headed "Putting you in Control" below).
For the delivery of direct marketing to you via e-mail, we'll need your consent, whether via an opt-in or soft-opt-in: soft opt-in consent is a specific type of consent which applies when you have previously engaged with us (for example, you contact us to ask us for more details about a particular product/service, and we are marketing similar products/services).
Under "soft opt-in" consent, we will take your consent as given unless you opt-out. For other types of e-marketing, we are required to obtain your explicit consent; that is, you need to take positive and affirmative action when consenting by, for example, checking a tick box that we'll provide.
If you are not satisfied about our approach to marketing, you have the right to withdraw consent at any time. To find out how to withdraw your consent, see the section headed "Putting you in control" below.
When you register with us and set up an account to receive our services, the legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.
We may use your Data to show you adverts and other content on other websites. If you do not want us to use your data in this way then please turn off the relevant cookies (please refer to the section headed "Cookies" below).
4.5. WITH WHOM WE SHARE YOUR DATA
We may share your Data with the following groups of people for the following reasons:
Royal Mail and Other Carriers: Royal Mail is our chosen carrier in the UK, though from time to time we may use other carriers. The information we provide to Royal Mail is your name and address and (if relevant), your phone number so that your Gem Sleuth parcel can be delivered in a timely manner. None of our carriers are permitted to share your data, or use your personal data for any purposes other than for the safe delivery of your order;
Shopify and other third party service providers such as Braintree who provide services that require the processing of personal data in order to perform essential functions, such as helping ensure the website runs smoothly and managing user payments and refunds
Google. When you are logged in, or create an account on our website for the first time, you will be assigned a unique user id. This is an anonymous string of numbers and does not contain personal information such as your name or email address. We provide this unique string of numbers to google every time you log in to your account. This allows google to add you to an anonymous group of 100+ browsers to which we may serve relevant adverts to, based on your browsing behaviour and purchase history. In practice this means that if you view our website on one browser, or on one device, and then later you are searching for products on another device, you will be able to find relevant Gem Sleuth products more quickly and easily in the search results.
Facebook: If you are logged in to facebook and you visit our website, facebook will be able to see what pages on our website you have visited. Facebook then aggregates the data about who has visited what pages on our website, and you may be served content on facebook relevant to the type of jewellery you have shown an interest in. For customers who have registered an email address with Gem Sleuth, we may share this information with Facebook. Facebook does not share your profile with us, or tell us whether or not you have a facebook account. However, based on the email addresses we provide, facebook may add your facebook profile to an anonymous list of 100+ profiles which may collectively be served content specific to Gem Sleuth. Facebook will not use the emails we provide to allow other 3rd parties to market products to you.
Session Recording: We are constantly striving to make our website better. This means trying to reduce bugs, frustration points and generally making the interface easier so you can find what you want faster. To do this we sometimes use 3rd party session recorders such as fullstory or freshworks that let us see what you're seeing when your browsing the site. All recorded sessions are removed after 30 days.
Shopify Apps and Plug Ins: We use a select number of Shopify approved Apps and Plug Ins to improve your online shopping experience. We share details of customers and purchases with these service provider, but no payment or credit card information is provided. Some of these apps drop cookies on out site in order to perform their function and you can view these and other cookies in our cookies policy.
Relevant Authorities to facilitate the detection of crime or the collection of Value Added Tax (VAT) or duties
You may, if you wish, deny consent to the placing of Cookies; however certain features of the Website may not function fully or as intended.
This Website may place the following Cookies:
|Type of Cookie||Purpose|
|Strictly necessary cookies||These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.|
|Analytical/performance cookies||They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.|
|Functionality cookies||These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).|
|Targeting cookies||These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.|
Please refer to our Cookies schedule for a list of the cookies we use and for more information on how to disable or delete cookies.
4.7. PUTTING YOU IN CONTROL
We want to put you in control of your data and privacy and our data control panel allows you to do so. Whenever you login to your account you can view and update your preferences including options to:
- unsubscribe from our mailing list
- opt out of receiving automatic review emails after you order
- opt out of being displayed adverts relevant to the products viewed
- delete your account
You have the following rights in relation to your Data:
Right to access- the right to request (i) copies of the information we hold about you, or (ii) that we modify, update or delete such information. If we provide you with access to the information we hold about you, we will not charge you for this, unless your request is "manifestly unfounded or excessive." Where we are legally permitted to do so, we may refuse your request. If we refuse your request, we will tell you the reasons why.
To make enquiries or exercise any of your rights set out above, please email us at email@example.com or use our online contact form.
4.8. DATA RETENTION
We keep order and customer data to comply with UK tax and accounting law. However, annually we remove personal data from accounts and the orders linked to those accounts that have been inactive for 4 years. You can, at any time request account deletion by writing to us at the above address.
Even if we delete your Data, it may persist on backup or archival media for legal, tax or regulatory purposes.
Unless otherwise agreed, no delay, act or omission by a party in exercising any right or remedy will be deemed a waiver of that, or any other, right or remedy.
This Agreement will be governed by and interpreted according to the law of England and Wales. All disputes arising under the Agreement will be subject to the exclusive jurisdiction of the English and Welsh courts.