GDPR Data Legislation information

HandmadecardsbyDayo comes under Shopify, which believes strongly in data protection and privacy. It gives all of its merchants and partners the ability to offer you, as a buyer, the rights afforded by the GDPR to control your personal data, wherever you live.

This means you are provided with the tools and processes for it to fulfill GDPR-related requests as a buyer regardless of your location.

In line with the GDPR Data Legislation.

By signing into our website, you are consenting that you give us permission to contact you. Under the Data Protection Act 2018 and GDPR (General Data Protection Regulation), we have a duty to protect any personal information we collect. Personal data collected will only be used for the purpose of reporting on project success and will not be disclosed to any external organisations (except partners) without your permission. We want you to be confident that we will keep it secure and use it both lawfully and ethically, respecting your privacy. The information will be anonymised for reporting purposes. 

 

The types of personal data we collect includes (but are not limited to):

    • Name
    • Address
    • Phone number(s)
    • Email address(es)
    • Other identifiers (for example social media usernames)
  • We want you to be confident that we will keep it secure and use it both lawfully and ethically, respecting your privacy. 
  • Location data

How will you process my data?

To send you email receipts, we use the Shopify service which has structured its data flows so that merchants transfer data to Shopify's Irish affiliate within Europe. For that reason, Standard Contractual Clauses are not appropriate, as they are approved for transfers between a European party and a non-European party

Shopify has a robust, cross-functional data protection program that is integrated with its information security program and includes several teams across the organisation. In particular, the data protection program includes a designated Data Protection Officer, who reports to senior management, as well as individuals from:

  • ●  Internal Security

  • ●  Legal

  • ●  Legal Operations

  • ●  Production Security

  • ●  Processing Integrity

We collect this information directly from you. For example, when you:

  • Interact with our website and social media platforms
  • Become a customer/participant
  • Make an enquiry through our website(s)
  • Participate in surveys
  • Purchase services or products from us
  • Raise a complaint or request
  • Participate in our workshops/events
  • Consent: In some situations, we will ask you for your consent to collect and process your personal data, for example:
    • When you interact with us via our website and social media, for example Twitter and Facebook
    • Through interacting with our website
    • Attending events
    • Contact information when ordering an event ticket
    • Requests from customers
    • Taking photographs for publicity
    • Recording third party permissions
  • Who we share your personal data with

    In order to provide you with a service and to fulfill our business objectives and obligations, there are many situations where it is necessary to share your personal data with third parties. In such circumstances, we will share your data with the following categories of organisations/individuals:
    • Event partners
    • ICT service providers and software companies, such as Microsoft, Survey Monkey, Eventbrite and hosted and inhouse providers and Google

It is even easier for you to control the emails you receive from us, and how your information is used. You can do this by clicking “privacy & preferences” on your user profile.

Thank you for being a good customer and for taking action on the issues that relate to you.