Privacy Policy and Data Collection

Lilly Hastedt is committed to ensuring that your privacy is protected. This privacy policy explains how we process customer information and the procedures that we have in place to safeguard your privacy.

The GPDR requires website administrators to provide a responsible approach to your private data, the way we use it, how it is stored and what you can do if your data is breached or is misused. This is a European requirement and reinforced version of existing privacy legislation, that has arisen following several serious breaches on well known internet websites.

Our obligation is to ensure you are informed and confident in the way we are providing well designed systems and safeguards to protect your data from abuse and misuse.

We must also tell you if anything goes wrong with that system, how we deal with it and how you can see what data we hold on you. You also have the right to request to see all data we hold about you and on you request, that it should be permanently deleted from our system.

We adhere as closely as possible to the guidelines set out by the ICO and the following sections will detail in clear and plain language everything to do with the data we hold about you

The ICO also require that you give us consent to collect this data in an explicit way by agreeing to this privacy policy detailed in the sections to follow. If you do not agree, you should not continue to view this website and you should delete all cookies in your browsers and cease to visit our URLs again.

If you do agree, you should check the agreement box and continue using this website. You should also check regularly to see if the date of this privacy policy has changed, in order to reassess your agreement with us if the policy changes.

Please read all the sections following in this document and remember to check the consent boxes to remind you that you have allowed us to collect the data being sent to us. In all cases, the consent boxes will link back to this document so that you can review the data we collect, how we use and store it and what your rights are to delete or see what we hold about you.

Definitions

Throughout this document, we may use certain words or phrases, and it is important that you understand the meaning of them. The following is a non-exhaustive list of definitions of words and phrases found in this document:

“Service” refers to the services that we provide and our Site itself;

“Site” refers to our websites, i.e. https://www.lillyhastedt.com, domains and/or its subdomains;

“Lilly Hastedt” refers to our company, registered as “Lilly Hastedt LTD”, our Site, our Service, or a combination of all or some of the preceding definitions, depending on the context in which the word is used;

“User” refers to anyone who uses our Service, including general visitors to our Site;

“You” refers to you, the person who has accepted this Privacy Policy.

What personal data we collect and why we collect it

We are an UK based company and operate web servers hosted in the UK by OVH and CDN services managed by Clouflare. Our providers adheres to the EU/US “Privacy Shield”, ensuring that your data is securely stored and GDPR compliant. For more information about their privacy policies, please see here: OVH Privacy Policy and Cloudflare Privacy Policy.

Identifying Data

If you register on our website, we store your chosen username and your email address and any additional personal information added by yourself to your user profile. You can see, edit, or delete your personal information at any time (except changing your username). Website administrators can also see and edit this information.

The information we collect from you to the extent that it is private is disclosed only in accordance with our Terms of Service and/or this Privacy Policy.

Non-Identifying Data

As is true of most websites, we gather certain information automatically and store it in log files. In addition, when you use our Services, we may collect certain information automatically from your device. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, clickstream data, landing page, and referring URL. To collect this information, a cookie may be set on your computer or device when you visit our Services. Cookies contain a small amount of information that allows our web servers to recognise you.

We store information that we collect through cookies, log files, and/or clear gifs to record your preferences. We may also automatically collect information about your use of features of our Services, about the functionality of our Services, frequency of visits, and other information related to your interactions with the Services. We may track your use across different websites and services. In some countries, including countries in the European Economic Area (“EEA”), the information referenced above in this paragraph may be considered the personal information under applicable data protection laws.

Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, this information alone cannot usually be used to identify you.

Contact Forms

When you contact us using one of the contact forms available in the website, we collect the data explicitly indicated in the form (email, First Name and Last Name). This data is kept indefinitely for customer service purposes only.

Cookies

If you leave a comment on our site you may opt-in to save your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Live Chat

We use the Facebook Messenger service into our website and offer the same functionality if you contact us using our official Facebook Page

Trough the chat popup available on the website pages, users can get in touch with an operator.

Whenever a chat conversation is started, the following data will be stored: username, email address and client IP address. This service is managed by Facebook (please, refer to Facebook Privacy Policy for more details).

Who on our team has access

Members of our team have access to the information you provide us. For example, both Administrators and Chat Operators can access:

  • The list of offline messages
  • The list of chat logs

Shopping

What we collect and store

While you visit our site, we’ll track:

  • Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
  • Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
  • Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!

We’ll also use cookies to keep track of basket contents while you’re browsing our site.

When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:

  • Send you information about your account and order
  • Respond to your requests, including refunds and complaints
  • Process payments and prevent fraud
  • Set up your account for our store
  • Comply with any legal obligations we have, such as calculating taxes
  • Improve our store offerings
  • Send you marketing messages, if you choose to receive them

If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.

We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we can store order information indefinitely for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.

We will also store comments or reviews, if you choose to leave them.

Who on our team has access

Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:

  • Order information like what was purchased, when it was purchased and where it should be sent, and
  • Customer information like your name, email address, and billing and shipping information.

Our team members have access to this information to help fulfill orders, process refunds and support you.

What we share with others

We share information with third parties who help us provide our orders and store services to you; for example: Google Analytics, Facebook and MailChimp.

Payments

We accept payments through Stripe. When processing payments, some of your data will be passed to Stripe, including information required to process or support the payment, such as the purchase total and billing information.

Please see the Stripe Privacy Policy for more details.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

Data Usage

We may use your information and data to:

  • Enhance or improve User experience, our Site, or our Service.
  • Send e-mails about our Site or respond to enquiries.
  • Send e-mails and updates about Lilly Hastedt, including our e-mail marketing newsletter (in case we have clear consent for it). You may opt out of these emails at any time.
  • Perform any other function that we believe in good faith is necessary to protect the security or proper functioning of our Site or Service.

If you do not consent to the collection, use or disclosure of your personal information as outlined in this policy, please do not provide any personal data to Lilly Hastedt and no longer consent to its use or disclosure as outlined herein.

Access to your data

We don’t share your data with third-parties in a way as to reveal any of your personal information like email, name, etc. If you are a client with a registered account, your personal information can be accessed by us in order to provide you support and contact you back.

We do not sell, trade or otherwise transfer to outside parties any personally-identifiable information. The only exceptions to that rule are for partners we have to share limited data with in order to provide the services you expect from us.

Facebook

Facebook provides the live chat platform we use to communicate with our customers online and handle support and pre-sales requests. The data they receive is limited to the data you explicitly provide and consent to being set when you start a live chat. For more information please see here: Facebook Privacy Policy

MailChimp

If you sign up to our newsletter, using our newsletter form that is hosted by MailChimp (on their server), your email address as well as the marketing reasons to contact you for, will be stored by MailChimp. You have to give explicit consent to all marketing means you want us to use to contact you. For more information on MailChimp’s privacy policy, please see here: MailChimp Privacy Policy.

Google Analytics

Google Analytics uses cookies to collect non-identifying information. Google provides some additional privacy options regarding its Analytics cookies at http://www.google.com/policies/privacy/partners/.

We use Google Analytics on our site for anonymous reporting of site usage. So, no personalised data is stored. If you would like to opt-out of Google Analytics monitoring your behaviour on our site please use this link: Google Analytics Opt-out.

Facebook Pixel

Facebook Pixels are used by us in order to collect data that can be use for Facebook Ads and as an additional Analytics tool to better understand our customers. Facebook provides more information about it here: https://www.facebook.com/policies/cookies/

You can disable and control what kind of information Facebook has access to by checking your Ad Preferences

Links to third party websites

Lilly Hastedt may post links to third party websites on this Site. These third party websites are not screened for privacy or security compliance by Lilly Hastedt, and you release us from any liability for the conduct of these third party websites.

All social media sharing links, either displayed as text links or social media icons do not connect you to any of the associated third parties, unless you explicitly click on them.

Lilly Hastedt bears no responsibility for the information collected or used by any advertiser or third party website. Please review the privacy policy and terms of service for each site you visit through third party links.

How long we retain your data

When you submit a support ticket or a comment, its metadata is retained until (if) you tell us to remove it. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, agreed to use cookies, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

In short, we cannot erase data that is vital to you being an active customer (i.e. basic account information like an email address).

If you wish that all of your data is erased, we will no longer be able to offer any support or other product related services to you.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

How we protect your data

We use the SSL/HTTPS protocol throughout our site. This encrypts our user communications with the servers so that personal identifiable information is not captured/hijacked by third parties without authorisation.

In case of a data breach, system administrators will immediately take all needed steps to ensure system integrity, will contact affected users and will attempt to reset passwords if needed.

Address and contacts

Lilly Hastedt
3 Lonsdale Road
London, W11 2BY, United Kingdom
Phone: +44 20 7221 3344
Email: contact@lillyhastedt.com