Oh hai there! Welcome to the most interesting page on our site; the place where we explain how we comply with GDPR (General Data Protection Regulation) and the various other funky sounding regulatory thingies (that we mostly have no idea of what they mean) because doing this is fun and no-one over here has anything better to do neither.
Are you in a super hurry? Here’s the TL;DR version:
To be able to function as an online store we need to collect a bunch of info about you that we need to provide you with the products that you buy from us. If you have signed up to our spanking fine newsletters then we send you mail via space. Besides that we might stalk you via Facebook & Instagram adverts and Google Shopping ads if you forgot who we are and need to search for us. You might also find our ads on Pinterest. That’s basically it. We’re a tiny and slightly overworked little shop that has neither the time nor energy to do anything evil with your data, we swear. We have also become quite good at not forgetting our laptops or hard drives on the train, as well as locking our doors, so whatever little info we have of you is mostly quite safe with us (reassuring, yeah?).
You like this stuff? Well then here’s the full deal:
TRACKING OUR VISITORS (ways we stalk you)
Look, we’re following you, ok? We use Google Analytics, primarily to stare at the real time stats because they’re cool but also to see what stuff people are looking at so we can make more of the things you like. I mean sometimes but then it makes our heads hurt again and we don’t look at it for another 6 months.
We also have the Facebook and Pinterest Pixels installed so that we can sell you stuff. Yes you heard it. We are a business and – shocker – we want you to spend money with us. The Facebook Pixel means that we can see how people interact with our site and with Facebook adverts and then we try to flog you relevant stuff. If you’ve not seen the Facebook Ads analytics dashboard MAN ALIVE it’s stalker central. That shit is a terrifying Black Mirror horror show. If you’re not on Facebook – well bloody done but the pixel is tracking you anyway (unless you are using the newest Safari browsers or IOS, then you'r good).
Neither of these things store any super personal data about you but probably they nab your IP address, not that we’d know where to look for it or what to do with it. All we see is that a person or many people have interacted with the website in a particular way. You can mess with us by doing something totally unexpected on the website and skewing our stats. Or you could do something way more fun and useful with your time like learning Japanese or how to crochet or something. Your choice.
All this jazz is about what we do with your data. As already mentioned, we’re not some kind of evil conglomerate or dodgy phishing website so we don’t do anything nefarious with the information you provide to us. But for a number of reasons, we do store your data in a few different places and use it in a couple of different ways.
Here on this website! If you buy stuff from us we will store your name, email address, postal address, and purchase history. Your payment details ARE NOT held on the site. We obviously go to the maximum effort to keep this data secure and only three people have access to it. Only one of them ever actually looks at it and that’s to solve any technical problems you might have.
We’ll be honest: we do absolutely nothing unsurprising or radical with your info. We’d love to say that we use your purchase history to target you with ads for stuff you might like, but honestly we don’t really know how. If we need to contact you about your order, we’ll email you. We use the postal address you give us to send your orders to, obviously. All groundbreaking stuff I’m sure you’ll agree.
Klaviyo Emails! If you’ve signed up to our mailing list for a discount code, competition, just because you want yet more email in your inbox (are you lonely? We can always chat more if you want…) or have bought anything from us, your name and email address also wangs its way over to Klaviyo, which is the system we use to manage our newsletters and emails. They are (allegedly) GDPR compliant. You would’ve had to click ‘are you sure you want this email’ about a gabillion times to make your way onto our list, but you can unsubscribe from our marketing emails at any time by hitting the unsubscribe button. Simples.
Photos! When you upload photos in our shop in exchange for super cool photo stickers we'll keep your photos stored only for the time it takes to print and send them to you. If you wish to order a re-run of your lovely pictures you need to upload them a second time, because we do not keep copies here just in case that someone would break in and steal all your cute baby pics.
Order management! We actually print our products on order (yes, you read that right)! No massive stocks or big overheads, just order and we'll print it for you. Simple as that. This also means that we need some way to keep track of all orders and the awesome people who placed them, so yes, we do utilize different systems to make sure your order travels safely all the way from the screen to the final printed product.
In real life! We keep paper copies of your order details to help us process your order and because we like the feel of paper and the sound of our 90’s HP printer. This includes your name, email address, postal address, what you ordered, when you ordered it and how much you paid for it.
YOUR PAYMENT DETAILS
When you place an order with us, you will either pay through Stripe, PayPal or one of the cool online banking systems. The only payment-based details we hold on our site is how much you’ve spent and whether you paid with Stripe or PayPal. We have no bank or card details or any access to your hard earned cash here. We love it when we get emails like “hey can you charge my card extra for x” because it’s like lol honey if I had access to your card details I’d be on a flight to Barbados by now (joke, obviously. Or am I?)
EMAIL MARKETING AND WHATNOT
If you sign up to our newsletter, we will send you a newsletter – generally around a few times a month, but occasionally more if there is more interesting stuff to tell you, probably less because we love paying a monthly fee for something we don’t really use, yolo.
You can unsubscribe at any time by clicking the unsubscribe button in every email. Your name and email address are stored securely in Klaviyo. They are GDPR compliant and very good at it too.
Klaviyo automatically adds tracking things to links so if you click on a link we know. If you open an email we know and love you for it. If you ignore us then WE KNOW and sometimes it keeps us up at night wondering what we’ve done wrong.
The most important thing about this is we have neither the time nor inclination to actually look at or do anything with these stats.
OTHER THIRD PARTIES
So it’s probably not a huge shock to you to know that we have to work with some other companies in order to supply you with the products you buy from us. Here’s the skinny on what info they have on you, from us.
Shipping! Contrary to popular belief (or so you’d think from some of the emails we get…) we don’t do our post runs on our own personal tiger. Though that would be fun. We mostly work with DHL or the postal service of your beautiful home country. They’ll have your name, postal address and occasionally your telephone number in order to deliver your order swiftly. Not rocket science really. Both are kind of a big deal so will have shit hot GDPR policies we’re sure.
Shopify! This site is hosted by Shopify, so your orders are processed through them. Therefore they have your name, address, order info and amount and email address. They do NOT have access to your financial information. Shopify includes a really nice button that let’s us delete all your info in just one click. Just send us a message and we’ll pull the trigger.
Zapier! This is the go-between between the website and our third party services. At the moment we just use Zapier to grab your email address once you’ve ordered, to put it into Mailchimp; apparently there are a bunch of other third-party apps we could be using it for to make ourselves better but honestly the whole thing gives us a headache. You would’ve clicked a little box during checkout to say ‘add me to this mailing list’ for your details to process through Zapier. Again, Zapier is (allegedly) GDPR compliant, though we’re just gonna have to trust them on that one because we don’t have the time or energy to look into it. Sorry.
Order Desk! These are the amazing guys who help us keep track on all your orders and what to print.
YOUR RIGHT TO BE DELETED
If you’re a secret agent or something and would prefer we didn’t keep the info we have on you, just email us at hello@madeofsundays. and we’ll delete all the info we have on you from our systems while having a little panic about what we could’ve possibly done to offend you.
This does not include PayPal and Stripe. If you want to delete your PayPal or Stripe accounts you have to do that yourself via PayPal or Stripe.
We cannot delete your purchase history because the taxman will be terribly upset. Sorry about that.
Thank you for reading! NOTE: the original version of this text was written by the magical Sophie at http://www.crownandglory.co.uk/. She has the best store and she’s a super nice person too. Go buy all her stuff.