Who we are
This privacy policy covers how we, Emhow Art, collect, store and use information about you and when you use or interact with our website, http://www.emmhowell.co and where we otherwise obtain or collect information about you. This privacy policy is effective from 25th May 2018.
How we collect your personal data
When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address.
When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system. This information is used in conjunction with Google Analytics, a service that allows us to monitor website traffic and usage. Google Analytics does not identify individual users of the website, nor does it associate your IP address with any other data held by Google.
When you subscribe to our mailing list, we send you updates about Emma’s studio practice, artwork release, events and more. In line with GDPR, we are not permitted to email you without your consent. Therefore, as you sign up to our mailing list, you are presented with an opt-in option in order to receive the emails. You are entitled to request the removal of your personal information at any time and given the opportunity to ‘unsubscribe’ at the footer of each email.
On occasions (e.g. during an event), there may be times where Emma has gathered your personal information with yourself, face-to-face. In this instance, your email address will be added to our mailing list (with your consent). You will also have right to request the removal of your data, if you wish.
What personal data are we collecting and why
If you were to purchase an artwork from our store, we would collect your name, shipping address, email address and payment details. This to provide you with a service – to make sure that your purchase arrives to you, at your desired address and to update you on the status of your order via email. At the time of purchase, we give you an option to be on our mailing list to receive Emma’s studio updates. You are not obliged to subscribe.
Where we share your information – third party sites
Your information is securely used in conjunction with the following third party sites:
- PayPal for product payment procedure. Their privacy policy: https://www.paypal.com/en/webapps/mpp/ua/privacy-full
- Mailchimp for email marketing/mailing list subscription. Their privacy policy: https://mailchimp.com/legal/privacy/
- Google Analytics to track traffic data and website usage. Their privacy Policy: https://policies.google.com/technologies/partner-sites?hl=en-GB&gl=uk
Your rights
You have the right to withdraw your consent of us holding your information at any time. We will endeavor to grant your withdrawal and remove your details as soon as possible.
We ensure that you have a clear and easy way to unsubscribe from emails and the ability to request an erasure of your personal details by emailing [email protected].
You have the right to lodge a complaint with a supervisory authority. In the UK, this would be the ICO: https://ico.org.uk/concerns/
How we secure your data
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
How we would handle a data breach
In an unlikely event of a data breach, we have a set strategy in place so that we are able to diagnose and solve the problem quickly and efficiently.
Firstly, we identify the breach and investigate how it happened and why. After identification, it is vital at this point to restore the security that caused the breach.
Once the initial breach has been resolved and security is at its optimum level, we will need to assess the risks caused by the breach, both for you (the individual) and us (the business). Then we will repair the data and system in order for our business to continue to operate.
If there has been a breach of data, we will notify you as soon as we have been made aware. Following on from the breach we will evaluate our response to the event, identify lessons learnt and improve our security response plan to be prepared for the future.
Decisions to retain your personal data
In good practice, we regularly review the personal data that we hold and endeavor to delete anything we no longer need.
Third party links
Third-party links on our website (e.g. blog post references) may direct you to third-party websites that are not affiliated with us. We are not responsible for examining or evaluating the content or accuracy and we do not warrant and will not have any liability or responsibility for any third-party materials or websites, or for any other materials, products, or services of third-parties.