Types of Data collected
Among the types of Personal Data that our website collects or stores in your web browser, by itself or through third parties, there are:
- Usage data;
…for all users.
For users who log in using Facebook, and give us Facebook details while doing so, we store:
- Your email address, to send you details of any purchases you make;
- Your Facebook profile link, in case we need to contact you and can’t reach you by email; this may also used to ensure that you should be using the website (i.e. you identify as a woman);
- Your gender (see above);
- Your First and Last names according to your Facebook Profile.
The Personal Data recorded is in some cases freely provided by the User, or otherwise collected automatically when using this website.
We do not share personal information with any third parties for marketing purposes.
Failure to provide certain Personal Data may make it impossible for this website to provide its services. For example, you will be unable to sign up for our email newsletter without providing your Email Address.
Users are responsible for any Personal Data of third parties obtained, published or shared through this website and confirm that they have the third party’s consent to provide the Data to the Owner.
Mode and place of processing the Data
Methods of processing
The Data Controller processes the Data of Users in a proper manner and shall take appropriate security measures to prevent unauthorised access, disclosure, modification, or unauthorised destruction of the Data.
The Data processing is carried out using computers and/or IT enabled tools, following organisational procedures and modes strictly related to the purposes indicated.
In addition to the Data Controller, EGG Ltd, in some cases the Data may be accessible to certain types of persons in charge, involved with the operation and development of the site (administration, marketing, legal, system administration) or where you interact with one of the services fulfilled by a third party (for example Stripe, used to process our payments), the external party who fulfils that service will act as an authorised Data Processor. The updated list of these parties may be requested from the Data Controller at any time.
The Data is processed at the Data Controller’s operating offices and in any other places where the parties involved with the processing are located. At this time, those parties are:
— Google Analytics
For further information, please contact the Data Controller.
The Data is kept for the time necessary to provide the service requested by the User, or stated by the purposes outlined in this document.
The use of the collected Data
The Data concerning the User is collected to allow the Owner to provide its services, as well as for the following purposes: Usage Analytics, and Managing contacts and sending messages.
The Personal Data used for each purpose is outlined in the specific sections of this document.
Detailed information on the processing of Personal Data
Personal Data is collected for the following purposes and using the following services:
The services contained in this section enable the Owner to monitor and analyse web traffic and can be used to keep track of User behaviour for analysis to improve the website.
Google Analytics (Google)
Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google utilises the Data collected to track and examine the use of this Application, to prepare reports on its activities and share them with other Google services.
Google may use the Data collected to contextualise and personalise the ads of its own advertising network.
Personal Data collected: Cookie and Usage data.
Payment information is captured by our Payment provider to allow you to purchase goods and services from our website using your credit or debit card. No sensitive information is processed or retained by the website itself.
Stripe Checkout is a payment integration provided by Stripe Inc. (“Stripe”). Stripe may utilise the Data collected to track and examine the use of this Application, to process and enact payment charges or refunds to credit and debits cards of our users, to prepare reports on its activities, and for internal use at Stripe to improve the Stripe platform.
Personal Data collected: Name, Address and Payment Card Information.
Additional information about Data collection and processing
The User’s Personal Data may be used for legal purposes by the Data Controller, in Court or in the stages leading to possible legal action arising from improper use of this website or related services.
The User declares to be aware that the Data Controller may be required to reveal personal data upon request of public authorities.
Additional information about Users’ Personal Data
System Logs and Maintenance
For operation and maintenance purposes, this website and any third party services may collect files that record interaction with this Application (System Logs) or use for this purpose other Personal Data (such as IP Address).
Information not contained in this policy
More details concerning the collection or processing of Personal Data may be requested from the Data Controller at any time. Please see the contact information in our ‘Contact Us’ website section.
The rights of Users
This website does not support “Do Not Track” requests. We are a small business based in Edinburgh, Scotland. We do not have the technical support nor the staff capacity to process DNT requests. Instead, use a browser that supports Do Not Track.
To determine whether any of the third party services it uses honour the “Do Not Track” requests, please read their respective privacy policies.
Definitions and legal references
Personal Data (or Data)
Any information regarding a natural person, a legal person, an institution or an association, which is, or can be, identified, even indirectly, by reference to any other information, including a personal identification number.
Information collected automatically from this website (or third party services employed on this website ), which can include: the IP addresses or domain names of the computers utilised by the Users who use this website, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilised to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilised by the User, the various time details per visit (e.g., the time spent on each page within the website) and the details about the path followed within the website with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User’s IT environment. This might sound ‘creepy’, but it’s common practice on most websites and is invaluable information for our web team to understand how the website and its features are used, and can be improved.
The individual using this website, which must coincide with or be authorised by the Data Subject, to whom the Personal Data refer.
The legal or natural person to whom the Personal Data refers.
Data Processor (or Data Supervisor)
Data Controller (or Owner)
The natural person, legal person, public administration or any other body, association or organisation with the right, also jointly with another Data Controller, to make decisions regarding the purposes, and the methods of processing of Personal Data and the means used, including the security measures concerning the operation and use of this website. The Data Controller, unless otherwise specified, is the Owner of this website.
The hardware or software tool by which the Personal Data of the User is collected.
A small piece of data stored in the User’s device.
Notice to European Users: this privacy statement has been prepared in fulfilment of the obligations under Art. 10 of EC Directive n. 95/46/EC, and under the provisions of Directive 2002/58/EC, as revised by Directive 2009/136/EC, on the subject of Cookies.