PRIVACY AND SECURITY
Below you will find information regarding the key aspects of our secure shopping service.
Hannah Sophia (Hannah Sophia, company reg:12530000) is the Data Controller.
Personal Data is any information from which an individual can be identified. For example, your name, address, telephone number and e-mail address may be Personal Data. It may also include technical information including the IP (Internet Protocol) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform and if you access our site by your mobile device, we may collect your unique phone identifier. It is our policy to take all necessary steps to ensure that Personal Data held by Hannah Sophia Limited is held securely and processed fairly and lawfully.
Our lawful bases for processing Personal Data are:
- by consent of the data subject;
- necessary for the performance of a contract with the data subject or other person;
- compliant with a legal obligation;
- or necessary for the purpose of legitimate interests pursued by the Data Controller (except where these are overridden by the interests, right, or freedoms of the Data Subject).
Hannah Sophia respects your privacy. It is our intent to let you know what personal information we collect from you on the Internet. In order to place an order on our website you will be asked to give us your billing/mailing address, telephone number and email address. You may also create an online account for future reference and set a password for access. This enables us to send you confirmation of when your order has been dispatched as well as providing you with an easy log in for future visits to the website. You may also advise us of your marketing preferences. If you tell us that you do not wish to receive marketing updates, we will respect your wishes.
Communication & marketing
If you have given us your permission or made a purchase from our store we may update you on our latest products, news and special offers and events via e-mail, SMS & post. All Hannah Sophia customers have the option to opt-out of receiving marketing communications from us. If you do not wish to continue to receive marketing from us you should opt-out by:
- Visiting ‘Subscriptions’ in your ‘Account’ page on the Hannah Sophia website
- Click on the unsubscribe link in any email communications which we might send you.
- Contacting Customer Services by email at firstname.lastname@example.org
We use our legitimate interests to enhance your customer experience and provide the best in class service; therefore we will:
- remind you of what you may be missing if you have put items in your "Shopping Bag" on the Website and then abandoned them;
- send you surveys for feedback on our services to enhance your customer experience; and
- keep track of your requests and interactions with our customer service , telephone calls or direct email.
Sharing your data with Third Parties
Hannah Sophia is committed to protecting the privacy of our site visitors and customers. We will only disclose information about our customers to carefully vetted third parties where it is part of providing a service to you e.g. arranging for a product to be sent to you, carrying out security checks, for the purposes of customer research and profiling, inviting you to provide product reviews, or for improving our service to you. All third parties are required by Hannah Sophia to confirm that they apply appropriate data protection and security controls in compliance with EU General Data Protection Regulation. They agree to only use your Personal Data for the purposes Hannah Sophia instructs and to take appropriate measures to prevent unauthorised or unlawful access to it. Our third party processors include IT, Payment Service Providers, Marketing Services and Logistics providers.
Should Hannah Sophia sell or transfer any of its business assets, this may include a sale or transfer of such databases of information to third parties as part of a business sale. In addition, such a transfer or sale may mean that your Personal Data may be transferred to countries outside the EEA. Any such sale or transfer of Personal Data will be under strict conditions of confidentiality and security.
Where we store your personal information
The information that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers or business partners. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support and associated services. Our suppliers and business partners may also transfer, store, use and otherwise process your information outside the EEA for the purpose of fulfilling their obligations to you and to provide you with information, goods and services. By using our sites, stores, social media and submitting your information during the purchase of items or participation in competitions and other promotions, you agree to this transfer, storing or processing inside and outside the EEA as stated above. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this policy.
Handling your personal data online
If you are interested in placing an order with us online, but are concerned about how safe and reliable it will be, here is some information about how we manage and protect your data:
- Our secure server software encrypts information to ensure your transactions with us are private and protected as they travel over the Internet. All credit card transactions are handled by an approved third party on a secure server using a minimum of 128-bit encryption. Hannah Sophia is fully PCI Compliant.
- When you make a purchase from our website, we collect certain personal information from you (for example: your name, email address, payment address and details). All such personal information is held on secure servers and will be treated as fully confidential.
- Hannah Sophia has appropriate security measures in place against unauthorised access or alteration, disclosure or destruction of personal data and against accidental loss or destruction of such data.
Seraphine is committed to supporting the requirements of the GDPR and applicable data protection legislation which aims "to regulate the use of automatic processed information relating to individuals and the provision of services in respect of such information".
We will ensure that all personal data held by us is obtained and processed fairly and lawfully, i.e. in accordance with the provisions of the GDPR and applicable data protection legislation. All personal data held by Hannah Sophia will:
- Only be held for specified and lawful purposes.
- Not be used or disclosed in any manner incompatible with any lawful purpose.
- Be adequate, relevant and not excessive in relation to the purpose for which it was obtained.
- Be accurate (insofar as the Company can control this process, being dependent on customer integrity and the integrity of such credit reference agencies as it uses) and kept up to date.
- Only be kept for as long as is necessary for a particular purpose, for example, Seraphine specifically needs to keep names and addresses of customers in order to deal with any queries, complaints or after sales service enquiries.
Obtaining, Correcting or Updating your Personal Data
Where we use your personal data on a consent basis, you have the right to withdraw that consent at any time. You also have the right to ask us to stop using your personal data for profiling or direct marketing processes.
You can update, erase or amend your preferences or how we manage your data at any time using the contact details below.
You can also find out what personal data Hannah Sophia holds about you by submitting a Subject Access Request. We will give you a copy of the information in a clear, readable format with an explanation as to why we hold it and how we use it. To complete your Subject Access Request you will be asked to provide the following details:
- The personal information you wish to access
- The date range you wish to access
- Information to help us confirm your identity
You can contact us for any of these requirements:
- By email at Customerassistance@hannahsophiaengland.com
If you are not happy with our data handling processes, in the first instance, please speak to us directly so that we can resolve your enquiry. You also have the right to contact the Information Commissions Office (ICO) if you have questions about Data Protection. You can contact them by phone on 0303 123 113 or www.ico.org.uk.
A cookie is a small information file that is sent to your computer and is stored on your hard drive. If you have registered with us then your computer will store an identifying cookie which will save you time each time you re-visit Seraphine, by remembering your email address for you. You can change the settings on your browser to prevent cookies being stored on your computer without your explicit consent. For further information about cookies visit www.aboutcookies.org
Information collected by Hannah Sophia is used internally by authorised Hannah Sophia employees for three main purposes.
- To improve our site by seeing which areas, features and products are most popular
- To personalise the site for our customers. For example, in the future, we may recommend products or features you may like based on what you have liked in the past
- We keep track of the domains from which people visit us. We analyse this data for trends and statistics. We do not sell, rent, loan, or transfer any personal information regarding our customers to any unrelated third parties.
- We may also use advertising cookies to deliver more relevant adverts to you based on your interests. They are also used to limit the amount of times you see an advert and enable us to measure the effectiveness of any campaign. We use them to link to social networks including Facebook, who may use information about your visit to target advertising to you on other sites
Changes to our Privacy and Security policy