Privacy Policy

We take the security and privacy of your personal data extremely seriously.

What information do we collect and why?

П Е Н О В А /penova/ knitwear only collects your data if you make a purchase or complete a contact form. This includes your name, address, email address and telephone number,
We need your name and address so we know where to send your order. We need your email address and/or telephone number in order to contact you with your order confirmation, shipping confirmation, and to get in touch if there are any problems with your order.

We may also collect data in the following ways:
- We may collect information about your device, including where available your Internet Protocol address, for reasons of fraud protection. We may also collect information about your device’s operating system and browser type. This is statistical data about our users' browsing actions and patterns, and does not identify any individual.

This information may also be used for internal record keeping, and to improve our products and services. We may use the information to customise the website according to your interests.

Do you share personal data with any third parties?

Yes, as we have to do this in order to process your order. We have to share your name and address with the payment processor (Stripe) in order to accept and verify your payment. We have to share your contact details with the delivery company (Royal Mail) in order for them to be able to deliver your order.

Do you sell personal data to any third parties?

No.

Do you send marketing emails?

No.

Can I access the personal data you hold?

Yes, you can request that we tell you what personal data we hold. You may also request that we amend any incorrect data, and you may also request that we remove the personal data concerned.

What legal basis do we have for processing your personal data?

We will only use your personal data where the law allows us to, in the following circumstances: - for performance of a contract we enter into with you
- where necessary for compliance with a legal or regulatory obligation we are subject to
- for the purposes of legitimate interests

We need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide the data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example to provide you with our goods or services). In this

case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time

How do we secure personal data?

We are committed to ensuring that your information is secure.
Information you provide to us is shared on our secure servers. We have implemented appropriate physical, technical and organisational measures designed to secure your information against accidental loss and unauthorised access, use, alteration or disclosure.

Credit Card Security

All credit/debit card payments from our website are made through the secure Stripe gateway. Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry. As the payment is handled by Stripe, we do not handle or store these details on our own servers at any point.

How long do we keep your personal data for?

As stated by the GDPR, data should not be held for longer than is needed and shouldn’t be kept ‘just in case’ you have a need for it in the future. Therefore we keep your information for as long as needed for the administration of the transaction.

Controlling your personal data

It is important that the personal data we hold about you is accurate and current. Please keep us informed if the personal data we hold about you changes.
Data protection legislation gives you the right to object to the processing of your personal data in certain circumstances or withdraw your consent to the processing of your personal data where this has been provided. You also have the right to access information held about you and for this to be provided in an intelligible form.

If you would like a copy of your personal information, please email us at nikolpenova@gmail.com

You can also ask us to undertake the following:
- update or amend your personal data if you feel this is inaccurate - remove your personal data from our database entirely
- restrict the use of your personal data.

Use of cookies and other technologies

A cookie is a small file which asks permission to be placed on your computer's hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. They are used to ensure the best user experience.
A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies.

Functional and Required Cookies help these features work: Customer accounts, Shopping cart and checkout, URL redirects. For further information visit: http:// www.allaboutcookies.org

How to contact us?

If you have any further queries regarding your Personal Data, please contact us at nikolpenova@gmail.com

This document was last updated in February 2021.

© 2021 Nikol Penova