
General Data Protection Regulation

 

The EU General Data Protection Regulation (GDPR) includes rules on giving privacy information to data subjects in Articles 12, 13 and 14.

These are more detailed and specific than in the DPA (Data Protection Act) and place an emphasis on making privacy notices understandable and accessible. Lawson Ceramics, as data controller, is expected to take ‘appropriate measures’.

To cover all these elements we have considered the following issues when planning this privacy notice:

 

What information is being collected?

 

  1. Who is collecting it?

  2. How is it collected?

  3. Why is it being collected?

  4. How will it be used?

  5. Who will it be shared with?

  6. What will be the effect of this on the individuals concerned?

  7. Is the intended use likely to cause individuals to object or complain?

  8. For Orders, Lawson Ceramics will collect the item(s) ordered, your name, email address, delivery address, and where necessary for international delivery, telephone numbers. For Newsletter subscriptions, Lawson Ceramics will collect your name and email address.

  9. This information is collected when an order is placed and/or a subscription form is filled in.

  10. This information is collected through the Shopify website system used for lawsonceramics.co.uk.

  11. The personal details I collect are used to process orders and deliver newsletter emails.

  12. The order details are used to produce, package, and ship your order. The newsletter details are used to email you the newsletter.

  13. The order details are only shared with a courier (typically Royal Mail) where necessary.

  14. There should be no negative results of the sharing of this data. The couriers used are large, respected companies who should keep their data secure and will only use the data for the purpose for which it was provided.

  15. If there are any concerns, please contact me by e-mail at matt@lawsonceramics.co.uk.

 

Data Security Best Practice for GDPR compliance:

 

Use unique, secure passwords for websites and devices containing sensitive data.

Password protect computers and devices with access to the data.

Use two-factor authentication where possible.