Privacy Policy

Who We Are

This Privacy Policy describes how and when we, Purple Iris, collect, use, and share information when you purchase an item from us, contact us, or otherwise use our services through our website https://purpleiris.org.uk or our related sites and services.

This Privacy Policy does not apply to the practices of third parties that we do not own or control, including PayPal or any third party services you access through PayPal. PayPal’s Privacy Policy can be found here.

Information We Collect

To fulfil your order, you must provide us with certain personal information, such as your name, postal address, email address as well as personal account preferences; transactional data, such as purchase information; and technical data, such as information about cookies. You may also choose to provide us with additional sensitive personal information such as health information relevant to designing a bespoke/custom order, when you contact us directly.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Visitor comments are checked through an automated spam detection service, Akismet anti-spam service. The information Akismet collects includes the commenter’s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself).

Contact Forms

If contact us using the form on our website, we keep contact form submissions for one year for customer service purposes, but we do not use the information submitted through them for marketing purposes.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Why We Need Your Information and How We Use It

We rely on a number of legal bases to collect, use, and share your information, including:

  • as needed to provide our services, such as when we use your information to fulfil your order, to settle disputes, or to provide customer support;
  • when you have provided your affirmative consent, which you may revoke at any time, such as by signing up for my mailing list;
  • if necessary to comply with a legal obligation or court order or in connection with a legal claim, such as retaining information about your purchases if required by tax law; and
  • as necessary for the purpose of our legitimate interests, if those legitimate interests are not overridden by your rights or interests, such as 1) providing and improving our services. We use your information to provide the services you requested and in our legitimate interest to improve our services; and 2) Compliance with PayPal’s User Agreement and Terms of Use. We use your information as necessary to comply with our obligations under the PayPal User Agreement and Terms of Use.

While you visit our online shop, we’ll track:

  • Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
  • Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
  • Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!

We’ll also use cookies to keep track of cart contents while you’re browsing our site.

When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:

  • Send you information about your account and order
  • Respond to your requests, including refunds and complaints
  • Process payments and prevent fraud
  • Set up your account for our store
  • Comply with any legal obligations we have, such as calculating taxes
  • Improve our store offerings
  • Send you marketing messages, if you choose to receive them

If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.

We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for 4 years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.

We will also store comments or reviews, if you choose to leave them.

Who on our team has access

Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:

  • Order information like what was purchased, when it was purchased and where it should be sent, and
  • Customer information like your name, email address, and billing and shipping information.

Our team members have access to this information to help fulfill orders, process refunds and support you.

Information Sharing and Disclosure

Information about our customers is important to our business. We share your personal information for very limited reasons and in limited circumstances, as follows:

  • PayPal. We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information. Please see the PayPal Privacy Policy for more details.
  • Service providers. We engage certain trusted third parties to perform functions and provide services to our shop, such as delivery companies. We will share your personal information with these third parties, but only to the extent necessary to perform these services.
  • Compliance with laws. We may collect, use, retain, and share your information if we have a good faith belief that it is reasonably necessary to: (a) respond to legal process or to government requests; (b) enforce our agreements, terms and policies; (c) prevent, investigate, and address fraud and other illegal activity, security, or technical issues; or (d) protect the rights, property, and safety of our customers, or others.

Data Retention

We retain your personal information only for as long as necessary to provide you with our services and as described in my Privacy Policy. However, we may also be required to retain this information to comply with our legal and regulatory obligations, to resolve disputes, and to enforce our agreements. We generally keep your data for the following time period: 4 years.

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

Your Rights

If you reside in certain territories, including the EU, you have a number of rights in relation to your personal information. While some of these rights apply generally, certain rights apply only in certain limited cases. We describe these rights below:

  • Access. You may have the right to access and receive a copy of the personal information we hold about you by contacting us using the contact information below.
  • Change, restrict, delete. You may also have rights to change, restrict our use of, or delete your personal information. Absent exceptional circumstances (like where we are required to store data for legal reasons) we will generally delete your personal information upon request.
  • Object. You can object to (i) our processing of some of your information based on our legitimate interests and (ii) receiving marketing messages from us after providing your express consent to receive them. In such cases, we will delete your personal information unless we have compelling and legitimate grounds to continue using that information or if it is needed for legal reasons.
  • Complain. If you reside in the EU and wish to raise a concern about our use of your information (and without prejudice to any other rights you may have), you have the right to do so with your local data protection authority.

Where We Send Your Data

How to Contact Us

For purposes of EU data protection law, I, Nic Hopkins, am the data controller of your personal information. If you have any questions or concerns, you may contact me at info@purpleiris.org.uk or via our contact page.