Please note, due to supply chain problems caused by COVID-19, our greeting cards may be sent with white envelopes. Read our COVID upate here.
Updated 14th February 2021
This policy includes:
- Your rights relating to the information that we hold about you
- How we keep your information safe
- The types of personal information we collect and how we use it
- The legal basis we rely on to use your information
Moments That Unite (a trading name of Jessica Harrison) is the data controller for information that is collected through all of our channels, including our website, phone and email.
We collect the following information:
- Your name and (if relevant) company name
- Billing and delivery addresses
- Contact information including phone numbers and email addresses
We collect personal data through our checkout process when you place orders on our website, through our contact forms and over the phone. We also collect information by email or social media if you contact us in this way.
The information that you provide us with is required in order to process your order, including taking the payment and delivering the goods. We may also need to contact you if we need to discuss any aspect of your order, for example with proof images, delivery delays or if we believe you may have ordered an incorrect item. We will not use your contact information for marketing purposes unless you have given us permission to do so.
You can find more information on systems your information may be processed through below.
Please note that all calls to Moments That Unite are recorded for administration and customer service purposes.
SnipCart provide the platform that allows us to process orders through our website. The SnipCart platform is hosted with PCI compliant specifications, and no credit or debit card information is ever stored in this platform.
Orders taken through our website are stored in and processed by SnipCart, in conjunction with Stripe and PayPal for payment processing. You can find out more about how SnipCart look after customer data here.
Stripe is one of the payment gateways that we use to process payment for orders. You can read about Stripe's privacy policies and processes in their Privacy Centre.
When you place an order with us, we will use either Royal Mail or DPD to ship your order. To enable this to happen, your delivery name and delivery address will be entered into the DPD or Royal Mail system. In the case of DPD, we will also provide (if applicable) a contact email address or phone number for you; this simply enables DPD to give you important information such as delivery windows and updates.
On occasion, we may need to share your information with our suppliers. This enables us to organise deliveries straight to your door or to issue replacements in a more timely manner.
We use a variety of Google’s services to help us run our website and to find ways that we can improve our service. The services we use include Google Tag Manager (used to inject code and cookies into our website), Google’s AdWords (advertising services) and Google Analytics. Our website uses Google’s Analytics service to track our visitors behaviour whilst they are shopping or browsing on our site. As of the 25th May 2018, our Google Analytics account only retains user data for 14 months. Any data that reaches this 14 month point will be automatically deleted by Google, from the Google servers, once a month. To find out more about how Google store and safeguard data, including data stored in Analytics, you can view the information here.
The policy of Moments That Unite is to only keep information for as long as required for the purpose or purposes for which it is used. For example, we will store details of your invoices in order to process return requests or queries relating to orders you have placed with us in the past. This information also needs to be stored for tax and reporting purposes.
Moments That Unite will always get your consent at the point of collecting your information. We will always tell you why the information is necessary. We do not collect any special categories of personal data and will not transfer your data to another company or country without informing you.
Under the definitions outlined in the General Data Protection Regulation (GDPR), we process information under the lawful bases of Consent, Contract and Legitimate Interest.
When you place an order on our website, or, begin to and abandon the basket, arrange a delivery or request to return a purchase, we process your information under the definition of “Contract” (the sale or request for a quote, services or information relating to a sale). This means that the information you give us, such as billing information, delivery information and contact information is necessary for us to provide you with a service, and this is how it is used by ourselves and it shall only be shared when necessary to fulfill our end of the contract, for example, with Royal Mail for the purposes of delivering your order. Your delivery information is required for us to complete delivery of your order, and your contact information will only be used in relation to order or delivery updates. If we wish to use your information for other purposes, we will ask for your consent.
With your consent, we may send you marketing emails from time to time. We may collect your information for this purpose through forms on our website, or forms hosted via advertising platforms including Facebook, Instagram and Twitter. We will only ever use your information for the purposes we outline to you, and will always ask consent before using information for any further processing.
After you have placed your order and we have fulfilled it, invoices containing the details of what you have ordered, your address(es) and contact information are stored on the Webflow system. This allows us to refer back to the information at a later date if necessary for a return, refund or other query you may make relating to your previous orders. In this sense, we store this information because we have a Legitimate Interest in doing so.
If you begin placing an order with us but do not complete checkout, we may send you an abandoned cart email to follow up on the order.
In addition to the purposes outlined above, we are required to keep certain information for longer periods for tax and legal reasons. As an example, we need to keep records of purchases made for a minimum of seven years for tax purposes.
Moments That Unite
46 Richard Hillary Close,
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
Any information that you provide us with, for example about your order or a query you have through these platforms will be processed according to the policy laid out here. We strongly recommend that if you do contact us through a social media platform about an order or a query that involves giving us personal information, that you do so through the private messaging facility (where possible) to prevent your data being open to the public.
We do not market our site or services to those under the age of 16, and therefore we request that individuals younger than 16 do not use our services or submit information through our site.
The General Data Protection Regulation (GDPR) reaffirms the rights that individuals have relating to their data. In this section, we clarify these and how you can go about taking advantage of these Rights with relation to our website and activities.
Orders and data that we have stored about our customers can be edited or deleted where necessary and when the data is not required in it's original format for legal (including taxes and fraud prevention) or legitimate interest (including warranties and customer services) reasons.
Under the GDPR, you have the right to request that ongoing processing of your data ceases. Under the definitions of the GDPR, the only data we process in an ongoing fashion is for our e-mail marketing activities. If you make this request, we will, to the best of our ability and under the guidelines of the GDPR, cease processing your data without actually removing it from our MailChimp database.
In some circumstances, you can request that we provide you with your personal information in a structured, commonly used and machine readable format. The data that is stored in our SnipCart, Webflow and MailChimp databases can be exported as a CSV file. If you request this to be supplied to yourself or transferred to another provider of a similar service to us, we will comply with such a request as far as is secure and technically feasible.
Under the definitions outlined in the GDPR, you are entitled to object to processing of your data. As soon as an objection request is received, all processing will cease for all bar necessary processes. For example, if you have objected to processing but have placed an order that has not yet been fulfilled, all processing related to secondary purposes will cease, but processing of the order (including arranging delivery) will continue unless you request we cancel the order too.
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact us at firstname.lastname@example.org or by mail at:
Moments That Unite
46 Richard Hillary Close,
Get in touch:
Moments that Unite is a trading name of Jessica Harrison. Copyright © 2021.