Artifucktion are committed to complying with the General Data Protection Regulation and the Data Protection Act 2018, once enacted. Looking after the personal information you share with us is very important, and we want you to be confident that your personal data is kept safely and securely and to understand how we use it to offer you a better and more personalised shopping experience.
We have published this notice to help you understand
If we make changes to this notice we will notify you by updating it on our website. Artifucktion will be what is known as the ‘Data Controller’ of the personal data you provide to us, and we will sometimes refer to ourselves in this notice as “we” or “us”. By Data Controller, this means Artifucktion determines the purposes and way in which any personal data are, or will be, processed.
This privacy notice was last updated on 21 May 2018.
When you buy goods from us, you are entering into a contract with us. You will need to set up your information, before ordering from us, so we can set this up we will ask you to provide some personal information such as;
As an existing customer if you have shopped with us using a credit or debit card, or we have taken these details for a payment authorisation, we will securely collect and store this payment card information. New customers and existing customers whose payment cards have expired will be asked if they would like to automatically store these details in order to speed up the payment process. If you set up a direct debit payment, we will also collect bank details from you.
When you apply for a credit account, we get information about you from credit reference agencies. This is covered in more detail in the section, Who we share your information with and why.
When you shop in our store Artifucktion uses CCTV for security monitoring purposes.
How do we use your information?
Data Protection says that we are allowed to use and share your personal data only where we have a proper reason to do so. The law says we must have one or more of these reasons and these are:
Who we share your information with and why
Artifucktion works with a number of trusted suppliers, agencies and businesses in order to provide you the high quality goods and services you expect from us such as delivery companies, credit reference agencies, fraud prevention agencies, product technicians visiting your home and market research companies amongst others.
Some examples of the categories of third parties with whom we share your data are:
Artifucktion works with a number of trusted partners who supply products and services on our behalf. All partners are subject to thorough security checks, and will only hold the minimum amount of personal information needed in order to fulfil the orders you place or provide a service on our behalf.
In order for you to receive your goods, Artifucktion works with a number of delivery partners. Again, we only pass limited information to them in order to ensure delivery of your items.
Artifucktion works with business who support our website and other business systems.
We work with marketing companies who help us manage our electronic communications with you or carry out surveys and product reviews on our behalf.
Artifucktion works with trusted third party payment processing providers in order to securely take and manage payments.
Credit Reference Agencies
When you apply for credit with us we will make searches about you with credit reference agencies. We do this to make sure customers who apply for credit accounts are able to manage the level of credit offered and not committing fraud by providing false or inaccurate information.
In order to process your application we will supply your personal information to credit reference agencies (CRA’s) and they will give us information about you, such as your financial history. We do this to assess your creditworthiness and product suitability, check your identity, manage your account, trace, recover debts, and prevent criminal activity.
We will also continue to exchange information about you with the CRAs on an ongoing basis, including about your settled accounts and any debts not fully repaid on time. CRAs will share your information with other organisations. Your data will be linked to the data of your spouse, any joint applicants or other financial associates.
We will use automated credit-scoring methods to assess your application and to confirm your identity. We will automatically check your credit history against our lending criteria and if you don’t meet our requirements you will be declined for credit. There is also an automated decision section below with further detail. Should you wish to object to the use of automated credit scoring, please contact the Data Protection Officer.
Debt recovery and fraud prevention services
Before we provide services, goods or financing to you, we undertake checks for the purposes of preventing fraud and money laundering, and to verify your identity. These checks require us to process personal data about you.
The personal data you have provided, we have collected from you, or we have received from third parties will be used to prevent fraud and money laundering, and to verify your identity.
Details of the personal information that will be processed include, for example: name, address, date of birth, contact details, financial information, employment details, device identifiers including IP address and vehicle details.
We and fraud prevention agencies may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime.
We process your personal data on the basis that we have a legitimate interest in preventing fraud and money laundering, and to verify identity, in order to protect our business and to comply with laws that apply to us. Such processing is also a contractual requirement of the services or financing you have requested.
We process your personal data on the basis that it is necessary in the public interest or in exercising official authority for us to prevent fraud and money laundering, and to verify identity, in order to protect ourselves and to comply with laws that apply to us.
Fraud prevention agencies can hold your personal data for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held for up to six years.
As part of the processing of your personal data, decisions may be made by automated means. This means we may automatically decide that you pose a fraud or money laundering risk if our processing reveals your behaviour to be consistent with money laundering or known fraudulent conduct, or is inconsistent with your previous submissions, or you appear to have deliberately hidden your true identity. You have rights in relation to automated decision-making: if you want to know more please contact us using the details above.
Consequences of Processing
If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the services or financing you have requested, or to employ you, or we may stop providing existing services to you.
A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing or employment to you. If you have any questions about this, please contact us on the details above.
Whenever fraud prevention agencies transfer your personal data outside of the European Economic Area, they impose contractual obligations on the recipients of that data to protect your personal data to the standard required in the European Economic Area. They may also require the recipient to subscribe to ‘international frameworks’ intended to enable secure data sharing.
Your personal data is protected by legal rights, which include your rights to object to our processing of your personal data; request that your personal data is erased or corrected; request access to your personal data.
Transfers to third countries
Some of the information you provide to us may be transferred outside the European Economic Area to countries such as India and the US. This is a transfer to a “third country”.
Artifucktion also works with suppliers and partners who may make use of cloud and/or hosted technologies. We undertake data security due diligence on our partners and ensure that that these partners conform to appropriate accreditations.
Wherever transfers of data to third counties occurs Artifucktion will put in place an appropriate contractual provisions to ensure that there are strict rules regarding both the confidentiality and security of your information.
We want to keep you up to date with information about new ranges, special offers and improvements to our website. When you set your account up, we will ask you if you want to receive this type of marketing information.
Artifucktion will not share your information with companies outside Artifucktion for their marketing purposes.
You may continue to receive mailings for a short period while your request is dealt with.
How long we keep your information
If we collect your personal information, the length of time we retain it is determined by a number of factors including the purpose for which we use that information and our obligations under other laws.
We may need your personal information to establish, bring or defend legal claims. For this purpose, we will always retain your personal information for 7 years after the date it is no longer needed by us for any of the purposes listed under How we use your information above. The only exceptions to this are where:
What are your rights
You have the right to lodge a complaint with a data protection regulator in Europe, in particular in a country you work or live or where your legal rights have been infringed.
This notice is designed to help you understand what cookies are, howArtifucktion uses them and the choices you have in regards to their use.
What are cookies?
Cookies are small text files that are stored on your browser or the hard drive of your computer or other device when you visit the Site. This allows the Site to recognise you as a user either for the duration of your visit (using a ‘session cookie’) or for repeat visits ( a ‘persistent cookie’). They are not harmful and do not contain any information such as your home address, date of birth or credit card details.
The cookies we use fall into four broad types:
Strictly Necessary Cookies
These cookies are essential in helping you to move around our Site and use its features, such as accessing secure areas of the website. Without these cookies, services you have asked for, such as setting up an account cannot be provided. These cookies do not gather information about you that could be used for marketing or remembering where you’ve been on the internet.
In order to keep the Site, its services and products relevant, easy to use and up-to-date, we use web analytics services to help us understand how people use our Site. For example, we can see which parts of the Site and products are most popular, identify when errors occur, and test different versions of a page or feature to see which one works best.
These cookies allow websites and applications to remember choices you make (such as your user name, language or the region you are in) and provide enhanced, more personal features. The information these cookies collect is usually anonymised which means we can’t identify you personally. They do not gather any information about you that could be used for selling advertising or remembering where you’ve been on the internet, but do help us to serve you with advertising that is more relevant to you.
Targeted Marketing Cookies
Cookies are an essential part of how our Site works, as they remember certain information about a visitor. Artifucktion uses First Party cookies (these are placed there and used solely by Artifucktion) and Third Party cookies (these are placed there by third parties we work with).
Are cookies safe?
Yes. The information stored in cookies is safe and anonymous to any external third party, and your account security is never compromised.
Can I turn off cookies?
To change your cookie settings, or if you want to be notified each time a cookie is about to be used, you should amend the settings provided in your web browser to prevent us from storing cookies on your computer hard drive.
Details of our Third Party Cookies
Artifucktion allows selected Third Parties who participate with us in marketing programs to place cookies when you visit our site. These cookies enable us to monitor which adverts you see and click on to get to our site.
For details of the Third Party cookies we use please see the table below. Artifucktion is not responsible for the content or privacy policies of Third Parties or other websites, and we advise that you check these yourself.
The following Cookies are all used for Analytical and Targeting purposes.
Website visitors who don’t want their data used by Google Analytics can install the Google Analytics opt-out browser add-on. To opt-out of Analytics for the web, visit the Google Analytics opt-out page and install the add-on for your browser. Learn more about the opt-out and how to properly install the browser add-on here.
Visitors can also opt-out of Google Analytics for Display Advertising and customize Google Display Network ads using the Ads Settings
This Cookie Notice was last updated on 21 May 2018, and further changes will be communicated by updating this notice.
SECTION 1 – WHAT DO WE DO WITH YOUR INFORMATION?
When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address.
When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
Email marketing (if applicable): With your permission, we may send you emails about our store, new products and other updates.
SECTION 2 – CONSENT
How do you get my consent?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at email@example.com
SECTION 3 – DISCLOSURE
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
SECTION 4 – WordPress
Our store is hosted on WordPress. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through WordPress data storage, databases and the general WordPress application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then WordPress stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
SECTION 5 – THIRD-PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
SECTION 6 – SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
SECTION 7 – COOKIES
Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows WordPress to store information about your session (referrer, landing page, etc).
_wordpress_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_wordpress_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
SECTION 8 – AGE OF CONSENT
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact us firstname.lastname@example.org