Your personal data – what is it?
Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (the GDPR).
Who are ‘we’?
Autistic Eye is a very small not-for-profit community interest company that publishes, promotes and sells greeting cards by artists on the autistic spectrum. As such we are exempt from registering with the ICO (Information Commissioner's Office).
How do we collect and process your personal data?
Autistic Eye complies with its obligations under the GDPR. Under GDPR, Autistic Eye will store your name, email address and contact details when you visit our website and order cards, sign-up to be a Friend of Autistic Eye or submit a request for further information.
What personal information do we collect from the people that visit our website?
When ordering on our site or submitting a request for more information, as appropriate, you may be asked to enter your name, email address, mailing address, phone number, credit card information or other details to help you with your experience.
How might we use your personal data:
- To process your transactions
- To correspond with Friends of Autistic Eye
- To communicate with published artists and gallery artists
- To follow up after general correspondence and queries
- To pay our contractors
- To maintain our own accounts and records
- To administer supporter records
- To operate Autistic Eye’s website and social media accounts
- To inform individuals of news, events, activities or services run by the Autistic Eye
How long do we keep your personal data?
We keep your personal data for no longer than reasonably necessary. This may be in line with statutory requirements (e.g. for tax purposes), in case of any legal claims/complaints or for safeguarding purposes.
Your rights and your personal data
Unless subject to an exemption (under the GDPR), you have the following rights with respect to your personal data:
- To be informed about the collection and use of your personal data
- To request a copy of your personal data which the data controller holds about you
- To request that any personal data is corrected if it is found to be inaccurate or out of date
- To request your personal data is erased where it is no longer necessary for the data to be retained
- To withdraw your consent to the processing at any time (i.e. where explicit consent has been relied upon as a processing condition)
- To request that you be provided with your personal data and where possible, to transmit that data directly to another data controller (known as the right to data portability)
- Where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing
- To object to the processing of personal data (where applicable)
- To lodge a complaint with the Information Commissioners Office
Do we use ‘cookies’?
- To remember and process the items in the shopping cart.
- To understand and save user’s preferences for future visits.
- To compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. We may also use trusted third-party services that track this information on our behalf.
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since each browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.
Disabling cookies may mean you will not be able to use all the features on our website.
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when it’s release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property or safety.
Named Designated Data Protection Officer (Data Controller):