Articulo Ltd, trading as Alhambra Tiles, is committed to protecting your privacy and security. This policy explains how and why we use your personal data, to ensure you remain informed and in control of your information. The policy also informs you as to how we look after your personal data when you visit our website. We will also tell you about your privacy rights and how the data protection law protects you.
We will only ever share your data with organisations we work with where necessary and if its privacy and security are guaranteed.
Any questions you have in relation to this policy or how we use your personal data should be sent to email@example.com or addressed to Articulo Ltd, International House, 36-38 Cornhill, London, EC3V 3NG.
- About us
Your personal data (i.e. any information which identifies you, or which can be identified as relating to you personally) may be collected and used by Alhambra Tiles (collectively referred to as Articulo Ltd, "we", "us", or "our" in this privacy notice). Our contact details are International House, 36-38 Cornhill, London, EC3V 3NG; firstname.lastname@example.org.
What information we collect
- Personal data you provide
We collect data you provide to us. This includes information you give when you email us or send in a contact form via our website enquiring about our products, when you place an order, or when you subscribe to our mailing list. For example:
- personal details (name, email, address, telephone number, etc.)
- financial information (payment information such as credit/debit card details when you place an order. For more information on payment security see Section 8 (How we protect data)
- details of your preferences in terms of our products (which might include info on things such as your decorating taste and style preferences).
- Information created by interest in our products
Your interest in our products may result in personal data being created. This could include information on the tiles you have expressed interest in, timescales for the work and email correspondence. This information is held securely on our Customer Relationship Management System, Capsule CRM. For more information, see Section 9 (Storage).
- Information we generate
We may conduct research and analysis on the information we hold, which can in turn generate personal data. For example, by analysing your interests we may be able to build a profile which helps us decide which of our communications are likely to interest you. Section 7 (Research and profiling) contains more information about how we use information for profiling and marketing.
- Information from third parties
We may collect information from social media where you have given us permission to do so, or if you post on one of our social media pages.
- Sensitive personal data
We do not collect or store sensitive personal data about you (such as information relating to health, beliefs, political affiliation, etc.).
- How we use information
We only ever use your personal data with your consent, or where it is necessary to:
- enter into, or perform, a contract with you
- comply with a legal duty
- protect your vital interests
- for our own (or a third party’s) lawful interests, provided your rights don not override the these.
We will only use your information for the purpose or purposes it was collected for (or else for closely related purposes):
We use personal data to communicate, promote new products, alert you to special offers and keep you up to date with our news. For further information on this please see Section 6 (Marketing).
We use personal data for administrative purposes. This includes:
- maintaining databases of our clients, suppliers and professional contacts;
- fulfilling orders for goods or services (whether placed online, over the phone or in person);
- helping us respect your choices and preferences (for example if you ask not to receive marketing material, we will keep a record of this).
- Internal research and analysis
We may carry out research and analysis on our clients, to better understand their needs and how we can best help them. This helps inform our approach towards our offer, making it stronger and more relevant. It also helps to make our communications more relevant.
- Client research and profiling
We evaluate, categorise and profile personal data to tailor services and communications. This also helps us understand our clients, improve our organisation, and carry out research. Further information on profiling can be found in Section 7 (Research and profiling).
- Disclosing and sharing data
We will only share personal data with subcontractors or suppliers who provide us with services. For example, if you order something from us, your name and address will be shared with our suppliers in Spain and the delivery company. However, these activities will be carried out under a contract which imposes strict requirements on our supplier to keep your information confidential and secure.
Marketing does not just mean offering things for sale, but also includes news and information on things such as new design trends and useful information about how to install and look after your tiles, among other things.
We strive to provide you with choices regarding the form of our marketing communications, but as a small team our main communication comes in the form of an occasional email newsletter. You might receive marketing information if you have requested information from us or purchased goods or services from us.
When you receive a communication, we may collect information about you, and respond to or interact with that communication, and this may affect how we communicate with you in future.
You can decide not to receive communications or change how we contact you at any time. If you wish to do so, contact us by emailing email@example.com writing to Articulo Ltd, International House, 36-38 Cornhill, London, EC3V 3NG.
- Research and profiling
This section explains how and why we use personal data to build profiles which enable us to understand our clients, improve our relationship with them, and provide a better customer experience.
- Profiling to help us understand our clients and improve our service
We may profile you on our database in terms of whether you are a private or professional client and, if professional, your occupation (for example interior designer, architect, restaurant owner, etc.), your location if it is local to us, and the type and size of your order. This is to help us remember important information about your needs, which is valuable to both you and us, especially if you are a returning client.
- Anonymised data
We may aggregate and anonymise personal data so that it can no longer be linked to any particular person. This may be demographic or statistical data, for example, how many interior designers in south London contacted us about tiles in 2019. This information can be used for a variety of purposes, such identifying trends or patterns within our existing client base. This information helps inform our actions and improve our product offer and standard of service, keeping it relevant.
- How we protect data
We employ a variety of physical and technical measures to keep your data safe and to prevent unauthorised access to or use or disclosure of your personal information.
Electronic data and databases are stored on secure computer systems, and we control who has access to information (using both physical and electronic means). Our staff receive data protection training, and we have a set of detailed data protection procedures which personnel are required to follow when handling personal data.
- Payment security
Our online store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
Payment: If you choose a direct payment gateway online to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more info, you may like to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
Clients may also pay through bank transfer, to our account at Revolut.
Of course, we cannot guarantee the security of your home computer or the internet, and any online communications (for example information provided by email or our website) are at the user’s own risk.
- Where we store information
Our operations are based in the UK and we store our data within the European Union. Some organisations which provide services to us may transfer personal data outside of the EEA, but we’ll only allow them to do if your data is adequately protected.
Our client/supplier/professional colleague database is held securely in ‘the cloud’ on our Customer Relationship Management System, Capsule CRM. To see Capsule’s security policy, please visit: https://capsulecrm.com/security/.
- How long we store information
We will only use and store information for so long as it is required for the purposes it was collected for. How long information will be stored for depends on the information in question and what it is being used for. For example, if you ask us not to send you marketing emails, we will stop storing your emails for marketing purposes (though we will keep a record of your preference not to be emailed).
By law we must keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.
In some circumstances you can ask us to delete your data. For further information see Section 10 (Keeping You in Control).
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
We continually review what information we hold and delete what is no longer required. We never store payment card information.
- Keeping you in control
We want to ensure you remain in control of your personal data. Part of this is making sure you understand your legal rights, which are as follows:
- the right to confirmation as to whether or not we have your personal data and, if we do, to obtain a copy of the personal information we hold (this is known as subject access request);
- the right to have your data erased (though this will not apply where it is necessary for us to continue to use the data for a lawful reason);
- the right to have inaccurate data rectified;
- the right to object to your data being used for marketing or profiling; and
- where technically feasible, you have the right to personal data you have provided to us which we process automatically on the basis of your consent or the performance of a contract. This information will be provided in a common electronic format.
Please keep in mind that there are exceptions to the rights above and, though we will always try to respond to your satisfaction, there may be situations where we are unable to do so.
If you would like further information on your rights or wish to exercise them, please write us at Articulo Ltd, International House, 36-38 Cornhill, London, EC3V 3NG or email firstname.lastname@example.org.
You can complain to us directly by using the details set out above.
If you are not happy with our response, or you believe that your data protection or privacy rights have been infringed, you can complain to the UK Information Commissioner’s Office which regulates and enforces data protection law in the UK. Details of how to do this can be found at www.ico.org.uk.
Cookies and links to other sites
Our website uses local storage (such as cookies) to provide you with the best possible experience and to allow you to make use of certain functionality (such as being able to shop online). Cookies may automatically collect technical data about your equipment, browsing actions and patterns.
- Links to other sites
Our website contains hyperlinks to other websites. We are not responsible for the content or functionality of any of those external websites (but please let us know if a link is not working by using the 'Contact us' links throughout our website, or by emailing us at email@example.com.
When purchasing goods or services from any of the businesses that our site links to, you will be entering into a contract with them (agreeing to their terms and conditions) and not with Articulo Ltd.