Privacy Policy

Privacy Policy

Last updated: October 4, 2024

Noctua Jewellery and Workshops ("us", "we", or "our") operates https://noctua.co.uk (the "Site"). This page informs you of our policies regarding the collection, use, and disclosure of Personal Information we receive from users of the Site. We are committed to protecting your personal data and complying with the UK General Data Protection Regulation (UK GDPR).  

Information We Collect

We collect several types of information from and about users of our Site, including:

• Personal Information: This refers to information that can be used to identify you, such as:

  • Your name

  • Your email address

  • Your phone number

  • Your postal address (if provided for shipping or other purposes)

   

• Billing Information: We use Stripe to process payments. While we do not store full credit card details, Stripe may collect and store certain billing information necessary to process your transactions. Please refer to Stripe's privacy policy for more details.

• Log Data: Like many site operators, we collect information that your browser sends whenever you visit our Site. This may include your computer's Internet Protocol (IP) address, browser type, browser version, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages, and other statistics.  

• Cookies: Cookies are files with a small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your computer's hard drive. We use cookies to collect information and improve your experience on our Site. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Site.  

Lawful Basis for Processing

We process your personal information for the following purposes and rely on the following lawful bases:

• To process your workshop bookings and payments: Contract - processing is necessary for the performance of a contract with you.

• To communicate with you about your bookings: Contract - processing is necessary for the performance of a contract with you.

• To send you marketing communications: Consent - you have given clear consent for us to process your personal data for this purpose. You can withdraw your consent at any time by unsubscribing from our marketing emails.

• To analyze website traffic and usage: Legitimate Interests - processing is necessary for our legitimate interests in understanding how our website is used and improving its content and functionality, provided those interests are not overridden by your fundamental rights and freedoms.

Your Rights

You have the following rights regarding your personal data:

• Right to access: You can request access to your personal data that we hold.  

• Right to rectification: You can request correction of any inaccurate or incomplete data we hold about you.

• Right to erasure ("right to be forgotten"): You can request deletion of your data in certain circumstances, such as when it is no longer needed for the purposes for which it was collected.

• Right to restriction of processing: You can request limitations on how we process your data in certain circumstances, such as when you contest its accuracy.

• Right to data portability: You can request a copy of your data in a portable format.

• Right to object: You can object to processing based on legitimate interests or direct marketing.

You can exercise these rights by contacting us at hello@noctua.co.uk.

Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, comply with legal obligations, and resolve disputes.  

Data Sharing

We may share your information with the following third parties:

• Squarespace: Our website provider, which hosts and manages our Site. See Squarespace's privacy policy.

• Stripe: Our payment processor, which processes payments for workshop bookings. See Stripe's privacy policy.

• Google Workspace: We use Google services for email, document storage, and other business operations. See Google's privacy policy.

• Acuity Scheduling: Our booking system, which manages workshop schedules and registrations. See Acuity Scheduling's privacy policy.

We only share the minimum necessary information with these third parties, and we have agreements in place to ensure they handle your data securely and in accordance with applicable laws.

International Data Transfers

We may transfer your personal data outside the UK to the following third-party service providers:

• Squarespace (US)

• Stripe (US)

• Google Workspace (US)

We will ensure that any such transfers are subject to appropriate safeguards, such as the EU-US Data Privacy Framework or Standard Contractual Clauses, to protect your data and comply with UK GDPR requirements.

Data Security

We take appropriate technical and organizational measures to protect your personal data from unauthorized access, use, or disclosure. These measures include data encryption, access controls, and regular security assessments.  

Data Breaches

In the event of a personal data breach, we will take appropriate steps to contain the breach, investigate the incident, and notify affected individuals and the Information Commissioner's Office (ICO) as required by law.

Changes to This Privacy Policy

We reserve the right to update or change our Privacy Policy at any time. We will post any modifications to the Privacy Policy on this page, and the revised version will be effective immediately upon posting.

Contact Us

If you have any questions about this Privacy Policy or your data protection rights, please contact us at:

Noctua Jewellery and Workshops LTD hello@noctua.co.uk