Privacy Policy

Who we are

Our website address is: http://civilpartnershipcards.co.uk.

Data storage and data retention

Order details

Civil partnership cards only allows guest accounts, no registered accounts or passwords are required.
The guest order details are saved for a month before deletion.
Data collected and stored for a month using guest order details are as follows:

Customer’s IP address
Customer’s name
Customer’s billing address
Customer’s shipping address
Customer’s phone number
Customer’s email address
Order number
Order date
Order total
Items purchased
Browser user agent

Names, addresses, email addresses and phone numbers are required to fulfil customer orders.

Invoice data will be stored for 6 years in accordance with HMRC requirements. This data will be stored securely offline.
Organisational methods will be employed to protect the data from unauthorised or unlawful processing and against accidental loss or theft.

Consent

Users will have to clearly give consent to the processing of their data by agreeing to this privacy notice when ordering.

Data Processors

Civil Partnership Cards uses the services of data processors that provide sufficient guarantees that their data protection policies meet GDPR requirements. Each processor has its own policies in relation to GDPR regulation. Civil Partnership Cards have checked to the best of their ability that all data processors comply with GDPR regulation.

Krystal Hosting

Krystal hosting is a data host that hosts the Civil Partnership Cards website servers. Krystal have confirmed in a statement that they are GDPR compliant:
‘We have updated our Privacy Notice to meet the requirements of the new framework and have also implemented the required internal procedures to ensure that as a business we are fully GDPR compliant.’

Paypal

Paypal processes the payments on the Civil Partnership Cards website.
The owners of Civil Partnership Cards have received confirmation via a statement from Paypal that confirms that Paypal is GDPR compliant.

Quickbooks (Intuit)

Invoice data is processed and stored via Quickbooks online. Intuit have a GDPR centre available to view online https://quickbooks.intuit.com/uk/gdpr/
They state on their website that ‘Intuit’s policy is to comply with applicable local laws on our business related use of personal data…..And we believe our implementation of GDPR allows us to continue to earn our customers’ trust.’

Third Parties

By agreeing to this privacy notice, when an order is placed, it is agreed that the customer’s name, address and contact details (phone number & email address) will be passed onto Royal Mail so that their orders can be fulfilled.

The accountancy firm that Civil Partnerships Cards use may have access to accounting data via Quickbooks software. Quickbooks stores invoices and data such as name, billing address, shipping address, email address and telephone number. The accountancy firm is:

James Hair & Co

Email & Contact Form

Any email communication will be deleted from the Civil Partnership Cards website servers 30 days after receipt of the email.

If a user sends a message via the Civil Partnership Cards website contact form, an email will be sent to the owners of Civil Partnership Cards with data including name and email address (depending on what data the user has chosen to input). The messages received through the contact form will also be deleted from the website servers after 30 days.

Data Breaches

In the unlikely event of a data breach (security measures / procedures are regularly assessed and adhered to), the owners of Civil Partnership Cards will contact the Information Commissioner’s Office and will report the breach if advised to.
This will be reported within 72 hours of the owners of Civil Partnership Cards becoming aware of the breach.
If the breach is likely to affect individual’s rights and freedoms, the affected individuals will be informed without undue delay.

Cookies

The cookies on the Civil Partnership Cards website have been separated into ‘essential’ and ‘extras’. In order for the website to function e.g the shopping cart or DDOS protection, the ‘essential’ cookies are installed by default when a user navigates the website. The ‘extra’ cookies are required for the following services to function:

Google Analytics

In order for the ‘extra’ cookies services to function (for Google Analytics), the user must choose to agree to the cookie notification popup. If the user does not agree, they can still browse the site but the ‘extra’ cookies services will not function and these ‘extra’ cookies will not be installed.

Reviews

If you leave a review on the Civil Partnership Cards site you may opt in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year. Please be aware that if the customer writes a review, the review and its metadata are retained indefinitely.

Payments

Payments on the Civil Partnership Cards website are processed by Paypal. No payment details are stored on the Civil Partnership Cards servers. Payment is taken through the Paypal payment gateway and not through the Civil Partnership Cards website.

The information in this privacy policy was correct (to the best of the owners of the Civil Partnership Cards website knowledge) at the time of publication: Aug 27th 2020
Last update: Aug 27th 2020