Nothing Haunts Us Like The Things We Didn't Buy!
Cart 0
Nothing Haunts Us Like The Things We Didn't Buy!
Cart 0

Privacy Policy

This privacy policy is provided by All About The Box and governs the privacy of all those who use our website. The purpose of this policy is to explain to you how we control, process, handle and protect your personal information while browsing or using this website, including your rights under current laws and regulations. If you do not agree to the following policy you may wish to cease viewing or using our website.
~ Policy Definitions ~
”I”, “our”, “us”, or “we” refer to the business (All About The Box). “You”, “the user” refer to the person(s) using this website. GDPR means General Data Protection Act. PECR means Privacy & Electronic Communications Regulation. ICO means Information Commissioner’s Office.
~ Cookies ~
By using our website, you agree to our use of Cookies.  Cookies are small files which seek permission to be on your computer’s hard drive  or device. They help websites to respond to you as an individual, remembering your interests and products you looked at.  By using cookies, we in no way acquire access to your computer or any personal information about you, other than the data you choose to share with us. Without cookies however, you will not be able to browse this website or use features such as “shopping basket”.  
It is important to note that by using our website, you agree that cookies can be placed on your device and we can access them when you visit our website in the future.
We would never use cookies to deliver advertising to you. We use cookies on the site to collect anonymous data about our visitors, and we use this data to improve our services to you. We never track our website users for the purposes of displaying targeted advertising.
If you wish to know more about cookies or how to disable them, please refer to your Internet browser or go to; www.allaboutcookies.org.
~ Processing of your personal data ~
Under the GDPR (General Data Protection Regulation) we control and/or process any information about you electronically using the following lawful bases. We are exempt from registration in the ICO Data Protection Register because we are only processing personal data for our core business purposes.
~ Your Data: what Information do we collect ~
When you place an order on our website you are contracting with All About The Box. To fulfil your order, we generally collect your order product details, name, or name of recipient if different, your address or recipients address, email address and payment information. This is collected when you visit our website or engage with us either by email, web messaging, through our Etsy Store, telephone, mail or via any social media instant messaging feature.  Information with regards to custom orders that may contain contact details, and requests for receipts via email will also be collected.
We also collect personal data through a third party, when you place an order via our e commerce store, and provide payment via payment gateways such as Shopify Inc.
~ Why do we need this data and how we use it ~
We rely on a number of legal bases to collect, use and share your information, to provide our services, such as when we use your information to fulfil your order, to settle disputes, or to provide you with customer service or support.  Also if necessary to comply with a legal obligation or court order or in connection with a legal claim, such as retaining information about your purchases if required by tax law, and is necessary for the purposes of our legitimate interests, if those legitimate interests are not over ridden by your rights or interests. We use your information to provide the services you requested.
Information Sharing: Information about our customers is important to our business.  We share your personal information for very limited reasons  and in limited circumstances.
Service Providers: When you request goods and services from us, you are consenting to the disclosure of your personal information to our service providers and partners. For example Royal Mail within the United Kingdom or courier services and other shipping/postal services around the world to ensure that your order is delivered to you. We will share your personal information with such third parties, but only to the extent necessary for them to perform and carry out their services.
Our online store is hosted via Shopify Inc. They provide us with an online e-commerce platform that allows us to sell our products and services via the internet.  They are GDPR compliant. Your personal information is collated and stored through Shopify’s databases and the general Shopify application. Shopify Inc. Store your information on a secure server and they have taken appropriate measures to safeguard all personal data. For more information around Shopify Inc and their Privacy Policy, please visit their website; www.shopify.co/legal/privacy.
~ Compliance with law ~
We may collect, use, retain and share your information if we have a good faith belief that it is reasonably necessary to: a) respond to legal process or to government requests;b) enforce our agreements, terms and policies; c) prevent, investigate, and address fraud and other illegal activity, security or technical issues; or d) protect the rights, property and safety of our customers or others.
~ Data Retention ~
We retain your personal information only for as long as necessary to provide you with our services and as described in our privacy policy. However, we may also be required to retain this information to comply with our legal and regulatory obligations, to resolve disputes and to enforce our agreements. We generally keep your data for the following time period of 5 years.
~ Transfers of Personal Information Outside of the EU ~
We may store and process your information through third party hosting services in the US and other jurisdictions. As a result we may transfer your personal information to a jurisdiction with a different data protection and governments surveillance laws than your jurisdiction.
~ Your Rights ~
If you reside in certain territories, including the EU, you have a number of rights in relation to your personal information. Whilst some of these rights apply generally, certain rights apply only in certain limited cases. These are described below;
- Access: You may have the right to access and receive a copy of the personal information we hold about you by contacting us using the contact information below.
- Change, restrict, delete: You may also have rights to change, restrict our use of or delete your personal information. Accept exceptional circumstances (like when we are required to store data for legal reasons) we will generally delete your personal information upon request.
- Complain: If you reside in the EU and wish to raise a concern about our use of of your information (and without prejudice to any other rights you may have), you have the right to do so with your local data protection authority.
~ How to contact Us ~
For purposes of EU data protection law All About The Box is the data controllerof your personal information. If you have any questions or concerns you may contact us at allabouthebox@hotmail.com or mail us at; The Manse, Rhayader, LD65LW. United Kingdom.  Please mark correspondence “Data Controller”.
~ Links to Other Websites ~
Our website may contain links to other websites, e.g Etsy of related interest. However, we must point out that once you have used any links to leave our site here, we do not have control over other websites and therefore cannot be responsible for the protection and privacy of any information that you may provide whilst visiting sites, not under our control and these other websites are not governed by this privacy policy.