Mon-Fri 9:30am to 4:30pm and Sat 10am to 4pm

Privacy Policy

Privacy and Personal Data Policy

This policy explains the types of personal data we (Crooked Imaging) may collect about you when you interact with us. We collect and process data in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679. We do not disclose data to any third parties unless disclosure is necessary for the fulfilment of a service; you have specifically given consent for a particular service; or we have a legitimate interest in disclosing data. Instances in which we do disclose data to third parties are outlined below.

If you have any questions not answered by this policy, please contact us.

Section 1 - Our legal bases for processing personal data

Under the General Data Protection Regulations we rely on the following legal bases for processing your data:

Consent – we will ask your consent for marketing to you via email. If you consent we can collect and process your data for this purpose.

Contract – we sometimes need to collect and process your personal data in order to fulfil a contract with you, for example an order. We will also collect and process your data on this basis if you’ve asked us to provide a quote.

Legal – we are obliged to process some personal data to comply with the law. If you place an order with us we must retain some personal data for at least six years to comply with the Sale of Goods Act 1982, Consumer Rights Act of 2015 and HMRC guidance.

Legitimate interests – we collect and process some personal data to pursue our legitimate interests in a way you would reasonably expect as part of running our business; for example, to analyse information on our customers in order to provide new products or services.

Trusted Shops

We have integrated the Trusted Shops Trustbadge on this website in order to display our Trusted Shops Trustmark and offer the Trusted Shops products to customers after placing an order.

This serves the protection of our legitimate interests in the optimal marketing of our offer according to art. 6 (1) 1 lit f GDPR that are overriding in the process of balancing of interests. The Trustbadge and the advertised trust badge services are offered by Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne, Germany.

With every use of the Trustbadge, the web server automatically saves a so-called server log file which contains e.g. your IP address, the date and time of the request, the volume of data transferred and the requesting provider (access data), and documents the request. Those access data are not analysed and are automatically overwritten no later than seven days after the end of your website visit.

Other personal data are transferred to Trusted Shops only if you decide to use or have already registered to use Trusted Shops products after placing an order. In such a case, the contract concluded between you and Trusted Shops applies.

Section 2 - The kinds of personal data we collect

Depending on your interaction with us, we may collect and process all or some of the following information:
  •     Name
  •     Address details
  •     Phone number
  •     Email address
  •     Marketing preferences
  •     Order history
  •     Activity on our website – this is gathered by the use of cookies in your web browser. Learn more about our use of cookies.
  •     Computer IP address
Section 3 - How we protect your personal data

The entire checkout process for the Crooked Imaging website is held on a secure server (on the Shopify E-Commerce Platform) using a verified SSL (secure socket layer) system for transferring data. If you click on the small padlock symbol at the top of your browser's screen, next to the web address, you will be taken to the site's security certificate. If you have any concerns regarding the security of this site, please contact us.

Section 4 - With whom we share personal data

Sometimes we need to share your personal data with trusted third parties. In these instances, your data will only be used for the exact purpose we specify, will be transferred and stored securely, and will be deleted or rendered anonymous if we stop working with that third party.

Examples of the third parties with whom we share data are:
  •     Payment-processing services
  •     Delivery couriers and postal services
  •     Email marketing service providers
  •     Event ticketing services
  •     Marketing mailing houses
  •     Customer service management systems
  •     Companies who show you personalised content on our website and in emails
  •     Marketing companies who analyse our customer data
  •     Product and service review companies
This list is not exhaustive and may change from time-to-time in line with our business processes.  Please be assured that we will only ever share your information with trusted parties who adhere to GDPR and the correct standards of security.


Section 5 - How long do we keep your data

We will only keep your data for as long as it’s needed. After that, we’ll either delete it completely or render it anonymous (removing personal data but keeping information such as order amount for business analysis).

If you order from us, we’ll keep your data for six years in order to comply with legal obligations. You can request that some of this is removed sooner – see below.

After six years we will remove your data unless you have consented to our marketing.

Section 6 - Your rights over personal data

You have the right to:
  •     Access your personal data, free of charge
  •     Have your personal data rectified if out of date or incorrect
  •     Have personal data erased, unless that would conflict with our legal obligations
  •     Withdraw consent for us to use personal data, if you have previously given consent
  •     Object to us processing your personal data and/or stop us using data for direct marketing
If you would like to exercise any of these rights, you should contact us.

Section 7 - How to stop us using your data for direct marketing

You can stop us marketing to you via email in the following ways:
  •     By clicking the ‘unsubscribe’ link at the bottom of any marketing email we send
  •     By contacting us and asking to opt out
Please note, you may continue to receive marketing from us for a short period after opting out.  We will provide you with more detailed processing times should you make such a request.

Section 8 - How to lodge a complaint with a supervisory authority

If you are unhappy with our use of personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.

The ICO’s contact details can be found on the ICO’s website.

SECTION 9 - CONSENT

How do you get my consent?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
We may use your e-mail address to send you information about products or services that are the same as or similar to those that you have ordered from us and that we think you may find useful.
We will do so only if you have consented to being contacted for these purposes. At any stage you have the right to ask us to stop using your personal data for direct marketing purposes by clicking the un-subscribe link at the bottom of the email.

How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at enquiries@crookedimaging.co.uk or mailing us at:
Crooked Imaging
Unit E1 Knight Park Industrial Estate, Rochester, Kent,  GB ME2 2LS

SECTION 10 - DISCLOSURE

We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.

SECTION 11 - SHOPIFY

Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.

Payment:
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).

SECTION 12 - THIRD-PARTY SERVICES

In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.

Links
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.

SECTION 13 - SECURITY

To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption.  Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.

SECTION 14 - COOKIES

 Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
 _session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
 _shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
 _shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
 _secure_session_id, unique token, sessional
 storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.

SECTION 15 - AGE OF CONSENT

 By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.

SECTION 16 - CHANGES TO THIS PRIVACY POLICY

We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.

QUESTIONS AND CONTACT INFORMATION

If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at email@crookedimaging.co.uk or by mail at
Crooked Imaging
[Re: Privacy Compliance Officer]
Unit E1 Knight Park Industrial Estate, Knight Road, Rochester, Kent,  GB ME2 2LS
----

What are you looking for?

Your cart

x