Privacy policy
Last updated: 29 September 2020
1. Introduction
APG Personalised believe that privacy is a vital right to each and every one of its users and therefore this privacy policy is designed with this in mind. This privacy policy is designed to be fair, to be transparent and easy to read and to ensure that individuals are given access to the rights granted to them by the GDPR (General Data Protection Regulation).
Please read this policy carefully as it contains information regarding how we collect, process and use your personal information and how we keep this information private. In order to purchase from APG Personalised you will be required to consent to us using your personal information in the ways described below. Without your consent to use your information in the ways set out in this policy, we will not be able to fulfil your order.
2. Who we are
This Privacy Policy applies to APG Personalised (www.apgpersonalised.com) and how we process the data of users of our site and our customers when their transaction takes place on our website, for transactions that take place on our Esty or Amazon stores, please see our separate Privacy Policies available via those platforms.
We can be contacted at any time via email at: help@apgpersonalised.com, via telephone at: 07598038080 or via mail at: 25 Seaview Crescent, Bridge of Don, Aberdeen, AB23 8RH. Live chat is also available at www.apgpersonalised.com at selected times.
Mr Andrew Philip George trading as APG Personalised is registered as a data controller with the Information Commissioner’s Office (registration reference ZA297271).
3. Information we collect
3.1. Basic Account Information
If you create a customer account on this website, we collect personal information to improve our checkout experience and customer service.
This information may include your:
-
Billing and shipping address(es)
-
Details about your orders (for example, your shirt size)
-
Email address
-
Name
-
Phone number
3.2. Transaction and Billing Information
If you buy any of our products, there is additional information that you will be required to provide in order to allow us to fulfil your order. This includes your full name, billing and shipping address, payment details (card number, expiry date and security code) and the personalisation options for your products. All payment details are processed by Stripe Payments Europe, Ltd. (“Stripe”) or by PayPal who act as data processors for the purposes of payment processing.
When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and the option to create an account and set a password.
We’ll use this information for purposes, such as, to:
-
Send you information about your account and order
-
Respond to your requests, including refunds and complaints
-
Process payments and prevent fraud
-
Set up your account for our store
-
Comply with any legal obligations we have, such as calculating taxes
-
Improve our store offerings
-
Send you marketing messages, if you choose to receive them
3.3. Communications with us
You may also provide us with information when you contact us via our contact form, live chat or email. We will use the data you provide to us only for the purposes of assisting you and may need to access other data stored in order to do this. We will never use any information provided by you to customer services for the purposes of marketing. Any contact from you will be stored for a period of 1 year to assist with any future queries and to allow us to look at how we can improve our support services.
3.4. Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you accept user-submitted images and use the API or Easy IO, those images may be transmitted to third-party servers in foreign countries. If Backup Originals is enabled, images are stored for 30 days. Otherwise, no images are stored on the API for longer than 30 minutes.
User-submitted images may be transmitted to image compression servers in the United States and stored there for up to 30 days.
User-submitted images that are displayed on this site will be transmitted and stored on a global network of third-party servers (a CDN).
3.5. Cookies
If you leave a comment on our site you may opt in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
We’ll also use cookies to keep track of basket contents while you’re browsing our site.
We also have a cookie policy which can be accessed here.
3.6. Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.
3.7. Analytics
https://www.apgpersonalised.com makes use of Google Analytics, a tool that allows the analysis of information on the use of our website. For further information on how Google handles the privacy of any data that they collect visit: https://support.google.com/analytics/answer/6004245?hl=en. You can also opt-out of Google Analytics handling any of your data from our website and any others you visit by visiting: https://tools.google.com/dlpage/gaoptout.
3.8 Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service Privacy Policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
4. How and Why we use Information
4.1. Providing Services to Users
APG Personalised uses the information provided by users in a number of ways detailed below.
4.1.1. Account
We use the details you provide during the registration process in order to provide you access to your apgpersonalised.com account and the associated services this allows. These include being able to access the my account section of apgpersonalised.com which allows us to provide you with the ability to access and update your details, see your order history and store any payment methods. All stored payment methods are stored and processed by Stripe Payments Europe, Ltd. (“Stripe”) and cannot be accessed by APG Personalised.
4.1.2. Orders
When you buy something on this website, we collect personal information from you to fulfill the order. We may collect information like your:
-
Billing and shipping address
-
Details relating to your purchase (for example, your shirt size)
-
Email address
-
Name
-
Phone number
4.1.3. Support
We use any information provide when you get in touch with us in conjunction with any other details stored on you in order to provide you with help and support.
4.1.4. Website and Service Improvement
We use information gathered via our website in conjunction with data from Google Analytics to improve our website and the products and services that it offers.
4.1.5. Communication
We may email you with messages about your order or account activity. For example, we may email you to tell you that:
-
You’ve created a Customer Account
-
Your Customer Account password has been reset or updated
-
You’ve made a purchase
-
Your order has shipped
It’s not possible to unsubscribe from these messages.
These communications may extend to marketing messages should you choose to opt-in to these, your opt-in to these emails can be removed at any time. Should you opt-in to marketing information, we share your contact information with OHWO, our marketing communication provider, so they can send these emails to you on our behalf.
4.2. Legal Bases for Collecting and Using Information
APG Personalised will only collect and use any information collected where appropriate legal reasons within the GDPR exist. These will be limited to the following:
4.2.1. Fulfilling our commitments
The use of data is necessary in order to fulfil our commitments to you under our Terms of Service or other agreements with you or is necessary to administer your account – for example, in order to enable access to our website on your device or fulfil an order.
4.2.2. Legal obligation
The use is necessary for compliance with a legal obligation
4.2.3. Protection of interests
The use is necessary in order to protect your vital interests or those of another person.
4.2.4. Legitimate interest
We have a legitimate interest in using your information – for example, to provide and update our services, to improve our services so that we can offer you an even better user experience, to safeguard our services, to communicate with you, to measure, gauge, and improve the effectiveness of our advertising, and better understand user retention and attrition, to monitor and prevent any problems with our services and to personalise your experience.
4.2.5. Consent
You have given us your consent.
5. Information we Share
5.1. How We Share Information
We do not sell our users’ private personal information.
We share information about you in the limited circumstances spelled out below and with appropriate safeguards on your privacy:
5.1.1. Service Providers
In the provision of our services it may be necessary to have others provide services on our behalf which will require us to share information with them, only the necessary information will be shared with trusted providers. This may include service providers such as couriers who will require your name and address in order to deliver your goods to you.
5.2. Who we share your data with
5.2.1. Stripe Payments Europe, Ltd.
All payments made via credit or debit card on our site are handled by Stripe Payments Europe, Ltd. For more information on how Stripe Payments Europe, Ltd. handle your personal data, please visit: https://stripe.com/gb/privacy.
5.2.2. OHWO, LLC.
All notifications from our website are sent via OHWO,LLC., these include new orders and shipping notifications. For information on how OHWO handle your personal data, please visit: https://ohwo.com/privacy.
5.2.3. SiteGround Hosting Ltd
In order to operate our website, we also rely on the services of SiteGround Hosting Ltd, who supply the hosting, Email and domain registration services for our website. For details on how SiteGround Hosting Ltd handle privacy, please visit: https://www.siteground.co.uk/terms.htm.
5.2.4. Paypal
We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information.
Please see the PayPal Privacy Policy for more details.
5.2.5. Tidio
This website is using Tidio, a chat platform that connects users with the customer support of APG Personalised. We are collecting names and email addresses, only with the consent of the users, in order to start the chat. The messages and data exchanged are stored within the Tidio application. For more information, please refer to their Privacy Policy (https://www.tidiochat.com/en/privacy-policy).
APG Personalised is not making use of these messages or data other than to follow up on users’ registered issues or inquiries. Your personal data will be processed and transmitted in accordance with the General Data Protection Regulation (GDPR).
5.2.6. Trustpilot
This website uses Trustpilot for the purpose of collecting genuine, verified reviews from our customers. Your Email and order details will be passed to Trustpilot to allow them to send review invitations and ensure they are from verified customers. For more information on how Trustpilot use data, refer to their Privacy Policy (https://uk.legal.trustpilot.com/end-user-privacy-terms).
5.2.7. Font Providers
This website uses font files from Google Fonts and Adobe Fonts. To properly display this site to you, servers where the font files are stored may receive personal information about you, including:
-
Information about your browser, network, or device
-
Your IP address
5.3. Information Shared Publicly
Any information on our site that you choose to make public will be disclosed publicly.
This includes leaving comments on our site, when you do this your comment will be shared alongside your username.
Public information may also be indexed by search engines or used by third parties.
This information should be kept in mind when choosing what information to share publicly.
6. How long we keep Information
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
We generally discard any information held on users when it is no longer needed for the purpose it was collected as described above and there is no longer any legal obligation which requires us to keep it. The specific length that any piece of data is kept for varies between each piece of information. Our current data retention policies are included below:
-
Support via email, contact form, live chat, etc.
12 months
-
Pending order information
30 days
-
Failed order information
30 days
-
Cancelled order information
3 months
-
Completed order information
6 years
-
Inactive account details
2 years
7. Your Rights
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
8. Where we Send your Data
I may store and process your information through third-party hosting services in the US and other jurisdictions. As a result, I may transfer your personal information to a jurisdiction with different data protection and government surveillance laws than your jurisdiction. If I am deemed to transfer information about you outside of the EU this will be done only to companies trusted by APG Personalised and to territories with adequate levels of protection (whether deemed by the European Commission or via the judgement of APG Personalised) or if to the US in compliance with the Privacy Shield in order to ensure compliance with the GDPR.
Visitor comments may be checked through an automated spam detection service.
9. How to Get in Touch
For purposes of EU data protection law Andrew George is the data controller of your personal information. If you have any questions or concerns, you may get in contact at: a.george@apgpersonalised.com. Alternatively, you may send mail to: Andrew George, 25 Seaview Crescent, Bridge of Don, Aberdeen, AB23 8RH.
9.1 Complaints
If you have a complaints in regards to privacy, you have the right to make a complaint with the Information Commissioner’s Office at www.ico.org.uk