The term ‘you’ refers to any user or viewer of our website.
Who is Mother Goose Embroidery?
The website”mothergooseembroidery.com” is owned and operated by Julia Corlett, now resident in France. The enterprise is named “Mother Goose Embroidery”. The business contact telephone number is + 0033-(0)641-479502 and the contact email address is [email protected]
What Personal data may be collected, and how is it collected?
We do not set out to collect any Personally Identifiable Information, unless you make a purchase from us – either for yourself, or for someone else. However, if you send us a query either by using our contact form, or the contact e-mail address we have shown, then we will also receive the minimum of your details necessary for us to reply to you.
The reason we do not set out to collect any Personally Identifiable Information from you is because, unlike most other websites, we do not operate e-mail marketing campaigns which flood your inbox with junk mail. You can instead keep up to date with our new products and offers on our Instagram or Facebook pages if you wish to do so.
In the event that you do make a purchase from us, then obviously you have to supply us with the following details as a minimum, so that we can send you the goods that you have purchased:
- First name
- Last name
- Email address
- Billing address
- Shipping address
- Contact telephone number
Should you wish to create an on-line account with us, we provide you with the means to do so, and we will then also receive the same list of data as above – but we do not insist on this.
Should you be happy to give us your telephone number when using the site’s Contact Form this can be useful to us in the event that we need to contact you to clarify any issues that may arise concerning your query – but again, we do not insist on this – the choice is yours!
However, depending on specific shipping carriers (DHL, FEDEX for example), we sometimes need your phone number to satisfy the carrier’s requirements, in order to ship your purchase with them, and for this reason, a ‘phone number field appears on the order form you will have to complete at the time of making the order, to tell us where to send your parcel
Should you have any queries, and elect to use either our contact e-mail address, or the contact form on our site to gain clarification of any queries you may have, then we will also receive any details that you provide through those means – e.g.
- E-mail address
- Possibly your telephone number if you wish to give it.
We do use Google Analytics to collect information about visitors to our site.
However, no personally identifiable information is collected in this manner, and such information is in an anonomous form – that is to say, Google basically collects statistics, and these can show such things as:
- your IP address (which is not your home location, but rather the exchange from where your IP address is supplied to you)
- approximate geographical location
- browser type and version,as well as your operating system
- how/from where you arrived on our site ( or the referral source )
- length of visit
- pages viewed, and length of time spent on a page
- how you navigated through our site,
- the time of visit(s)
All these types of statistics are aimed at allowing website owners such as ourselves, to modify or improve their sites, and thus gain increased traffic to them – not to identify individuals, or their personal details.
Where is the data you have elected to give us stored / Website Hosting
Our Website is now hosted by: SiteGround Spain SL, C/ Serrano 1, 5º, 28001 Madrid, Spain.
Any change to this situation will be notified here, in this policy.
The location of our hosting service provider means that any personal data given to us on or through this website, will be stored in Europe – specificaly the Siteground server(s) in Groningen, Holland, that we have elected to use. Such data then remains on our site, from where we access it if required.
The Website is also regularly backed up for security and operational reasons, to our hosting provider’s servers.
The operators of such storage facilities have issued a statement to confirm they also comply with GPDR regulations.
Therefore any personal data held on this site at the time of a back-up will be duplicated in such back-ups, which are usually preserved for about a month to 6 weeks before being deleted in favour of more current backups.
As a legitimately operated business, Mother Goose Embroidery and its legal owner have the same legal requirement as any other business large or small, to produce accounts to the Tax Authority concerned. This entails keeping receipts for sales and expenditures so that the tax authorities could audit our accounts at any time they wished, within any statutory period of limitation. The statute of limitations in France is, in general, for ten years – (a period called délai de reprise).
To comply with such regulations, if you make a purchase from us, we have an obligation to issue you with a receipted invoice for your purchase, and this will contain the personally identifiable details described above.
The receipt is issued as a print-out of the transaction, from our Accounting Software which has had the necessary data entered into it by the Data Processor/Controller. This software is supplied by a leading accounting software supplier, and is GDPR compliant.
A second paper copy of the receipt or invoice is also produced, and archived in our document filing system, which is securely held on our premises, under lock and key held by the “DATA PROCESSOR CONTROLLER”
Who/What is the Data Processor/Data Processor Controller
“Controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
“Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
In the case of Mother Goose Embroidery, the Processor/Controller is the site owner named above.
How do we secure your Personally Identifiable Information
The use of an SSL certificate, as shown by the lock symbol in the address bar of your Browser, means that any communications you make with our site are encrypted for security.
Additionally, we have an on-going security system in place, provided by one of the most reputable providers of such systems, installed on the servers that host our site, and our site is scanned at least daily for any “Malware”. Our Hosting provider also operate their own security system.
We therefore believe It is unlikely therefore, that attackers are able to access your data or damage the site.
Additionally, as owner of the site, we have additionally set up manual “Country Blocking”. That is to say we have selected a number of countries from where regular attacks on websites in general, are highly likely, and prevented any access to our site, from any IP addresses within those countries.
Any Personally identifiable data held in any backup we have off site, is held in an encrypted form.
How do we use your data
We only use the data you have given to us, for the purposes that it was given in the first place – i.e.
- To process any order for goods you may have made from us, and dispatch the goods to you (or your elected recipient of the goods)
- To reply to any queries to us you may have made.
- For legal accounting purposes as described above.
We do NOT use you details to target you with marketing campaigns – This is because:
- We simply do not use e-mail marketing campaigns.
- We are confident that the quality of both the goods and the service that we supply, is sufficient to bring back customers who have previously used our services.
We do not pass your details to any third party affiliates (We don’t use any).
We do not sell, lease or show your details to anybody, unless we should be required by law to do so, to meet our legal and/or regulatory obligations, if this ever became necessary.
Your statutory rights as a user of this website
Should you have contacted us from this site, or have created an on-line account with us, and we have therefore received Personally Identifiable Information that relates to you, you have the right to ask us at any time:
- What Personal data that relates to you do we have stored? To implement this, Please Click This Link
- to remove such information from our database. If you wish your data to be deleted, Please Click Here
- ask us to transfer such information to a third party.
- You have the right and ability to access your on-line account at any time, (if you have created one), and modify/update any of your personal details contained therein.
- You can contact us at any time and make such requests. We will then comply and inform you that we have done so.
- Should we suffer a data breach, we must inform you of this within 72 hours at the latest, after becoming aware of the fact, (and also notify the relevant data protection agency – in our case, this is C.N.I.L in France)