TSV Antiques data and privacy policy (GDPR compliance)

Data Collection and Use:

Who Are We and What Data do we Need?

TSV Antiques is a retail business selling antiques, decorative items and jewellery both at antique fairs and online. In order to sell online some data is required. This provides us with basic information such as postal and billing addresses and email/phone contact details. To ensure safety, visitors to the site may create an account which will use your data in order to enhance your experience with TSV Antiques; however browsing and purchases can be made as a guest user without the need to create an account.

Our Website

The site is powered by WordPress which collects data relating to analytics (search engines, visitor point of origin, browsing history) and security (log-ins etc). For visitors with a wordpress account there is no change, for casual visitors this information is tracking information from search engines and location apps on devices which cannot be used by us to identify you, (phone and tablet users should remember that their device/google holds more information about their visit to our site than we do). WP also collects data if you leave feedback or post comments on the site.

The shop is powered by Woocommerce which will collect shipping/billing addresses, contact details, order history and any other information relevant to your use of the shop front. Woocommerce has enabled GDPR compliant tools as part of its system. TSV Antiques is using these tools in order to meet GDPR requirements

Both these applications are fully compliant with current EU legislation regarding data collection and retention.

Payment

TSV Antiques exclusively use PayPal for all transactions – users can pay directly or using a credit/debit card. We have no access to your financial data, any data collected is held by PayPal and subject to PayPal’s own data and privacy policy. We cannot access this information. Should a refund be offered it will be conducted through PayPal only and again is subject to PayPal’s own data and privacy policy.

How We Use Data

TSV Antiques will only access personal information with regard to queries, purchases, refunds and returns. Any analytical data provided by WordPress is used to monitor our business flow and help build a successful website

Privacy, Spam and Contact

We will never contact you for any reason other than to send you your purchases. Confirmation emails and receipts are sent automatically via wordpress or PayPal. Should we need to invoice you (e.g. in the case of combined or overseas shipping) we will invoice via PayPal using the email address you have provided.

Data Retention

Data retention periods vary according to need.

  • Inactive accounts – 12 months (in case you wish to use the account again)
  • Pending orders – 14 days. Orders not completed in this time will be cancelled and any data deleted
  • Failed/cancelled orders – 7 days. Orders may be reattempted within this time
  • Completed orders – 2 years or until an account is closed. This is to enhance your shopping experience on the site and to maintain our business records.

TSV Antiques will not use any retained data for any purposes other than business management and will not pass any information to third party applications. Any software used within the framework of this website is compliant with GDPR and allows for the return and deletion of information within the time scales indicated above.

Visitor Consent

By creating an account and/or using PayPal to purchase from the site it is considered you have given consent for a minimal amount of data to be collected to enhance your user experience and enable us to collect payment and ship your purchases. Information is shown at any point at which you may be required to disclose information.

If you request a sign up to a mailing list for tickets to an antiques fair, the request is considered as consent to hold and use your name and address. This information is held in a password protected document on a removable memory device and not on a PC or third party server. The information you give will only be used to send tickets as requested. If at any time you wish to be removed from the mailing list please send an email to this effect and your address will be removed and you will receive no further communication from TSV Antiques.

Third Parties

We do not show adverts or host third party applications on this site so no more detailed data or further permissions are required. WordPress may require you to commit to further consent in order to comment on posts however this is not data held by TSV Antiques. Similarly, sharing to social media applications is enabled on this site but we have no access to your information regarding these applications.

Data Deletion and Release

In the event that you require access to the data held by TSV Antiques please contact us with the email address you have used on this site. A verification request will be sent to this address whereupon your data will be sent to you.

Please note – this exports the personal data stored by WordPress and Woocommerce. It does not export personal data stored by PayPal. The personal data exported includes only the following items at this time:

  • Feedback
  • WordPress User
  • Customer Data
  • Customer Orders
  • Customer Downloads
  • Customer Tokens
  • WordPress Comments
  • WordPress Media

 

The same process should be followed should you wish your data to be deleted.

Please note – this tool only erases the personal data stored by WordPress and Woocommerce. It does not delete registered users, nor does it erase personal data stored by PayPal. On request for deletion of data we will also close your account. The personal data erased includes only the following items at this time:

  • Feedback
  • WordPress Comments
  • Customer Data
  • Customer Orders
  • Customer Downloads
  • Customer Tokens

Information held by PayPal is not available to TSV Antiques and subject to their own data and privacy policies.

Data Breaches

TSV Antiques use a security protection plugin which identifies and blocks attacks on the site ensuring any data stored is safe. However; in the unlikely event of a data breach, you will be notified as soon as possible with information pertaining to the breach and any steps you need to take.