GDPR Privacy Notice
Privacy Policy
1. Introduction
1.1 What data does CarTia collect?
We receive, collect and store any information you enter on our website or provide us in any other way.
When an order is placed via our website we collect the following personally identifiable information
Full Name
Address
Email Address
1.2 How do we collect this data?
This data is supplied to CarTia at the checkout process via PayPal. We receive the details you select at the time of ordering. Information is then stored on our website account, so we can dispatch your parcel to the correct address. We also receive an email from PayPal confirming a purchase has been made and the address you have requested we send the items to.
1.3 Why do we collect this data?
We collect such non-personal and personal information for the following purposes;
• To provide and operate services
• To comply with any applicable laws and regulations
So, we require your Full Name & Address so that we can send your parcel to the correct place of residence once it has been completed. We also ask for your email address, so we can get in touch with you to ensure you are satisfied with your purchase.
1.4 Do we share this data?
Your data is not shared with or sold to any outside individuals.
We share your Full Name & Delivery Address with the delivery company you choose at the checkout process. For example; Royal Mail or DPD. This is so your parcel can be delivered to you.
1.5 Cookies
Cookies are small pieces of data stored on a site visitors browser to track movements and actions on a website. We use cookies for security, to remember log in details and to preload pages already visited.
2. Using Your Data for Marketing Purposes
2.1 Opting In
We require your permission to send any marketing or promotional emails. People must subscribe to our mailing list of their own volition in order for us to use the data you supply. If you do not your email address will never be used for this purpose.
Currently we do not hold a mailing list so there is no requirement to opt in.
2.2 Opting Out
We do not hold a mailing list so there is no requirement to opt out
2.3 Other Communication
We may contact you to resolve a dispute this will be via email only.
3. How Do We Keep your Data Secure?
3.1 Data stored digitally
The information collected during the checkout process is stored on our website server. The CarTia website is hosted through Weebly and they employ the following security measures to ensure all of the data collected is secure;
• Weebly employ full-time security consultants, dedicated to the security of customer information.
• Weebly is Payment Card Industry Data Security Standards (PCI DSS) compliant and is accredited as a level 1 service provider and merchant. This standard helps create a secure environment by increasing cardholder data, thus reducing credit card fraud. They regularly perform internal security audits to maintain our ISO/PCI security certifications.
• Weebly’s signup and login services are completed through a secure server (HTTPS/SSL).
• Weebly’s uses cryptography hash functions to protect information. Password are stored as a hash digest and, in the event of a security breach, original passwords cannot be recovered from our servers.
• Weebly is certified under the EU-US Privacy Shield Framework and the Swiss-US privacy Shield Framework as set forth by the U.S. Department of Commerce, regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States, and therefore adheres to the Privacy Shield Principles.
• Weebly has the following tools; right to access and the right to be forgotten, which will meet GDPR requirements. Allowing us to send you a complete list of the data we hold or remove it should you request this of us.
Your Full Name and Address are saved for shipping when received from PayPal.
Devices in our possession that have access to our PayPal accounts are as follows;
iPad – PIN Security
iPhone - PIN Security & Fingerprint Authentication
We employ security measures on all of our devices to ensure data is stored securely.
3.2 Data stored as a hard copy
We do not print any documents with your information present.
4. Requesting a Copy of the Data we hold
4.1 The process
You can request a copy of all the data we currently hold on file for you. We are legally required to provide this to you free of charge and within a month of the original request.
Please email [email protected] to make this request.
5 Requesting we Delete all the Data we hold
5.1 The process
If you want us to delete all information we have on file we are legally required to do so should you request it.
Please email [email protected] to make this request.
6. Policy Updates
6.1 Modifications to our Privacy Policy
We reserve the right to modify this policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website.
Return to home page