Privacy Statement

Heaven's Attic is committed to protecting your privacy and maintaining the security of any personal information received from you. We strictly adhere to the data protection requirements and have updated our policy in light of the May 2018 General Data Protection Regulation.

The purpose of this statement is to explain to you what personal information we collect and how we may use it.

What data do we collect?

Purchasing information

When you order products from our site, we collect details in order to fulfil the order.

Your personal contact and payment details are used solely for billing purposes and this transaction is completed in a secure environment through a third party provider, WorldPay. Their privacy policy can be viewed here: https://www.worldpay.com/uk/privacy-policy

Heaven's Attic do not have access to your payment details.

Heaven's Attic use your address information to fulfil your order, and for no other purpose. You will also receive an email confirmation relating to your order; and if there are any issues, we may call you if a number has been provided.

In order to process credit/debit card transactions, the bank or card processing agency may require to verify your personal details for authorisation outside the EEA (European Economic Area). Your information will not be transferred outside the EEA for any other purpose.

Marketing communication

When you register for our e-communications we ask for your name and email address. We use these details solely for this purpose and email you on an ad hoc basis about our product range, promotions, updates on the organisation, or campaigns we are supporting.

In order to maintain the accuracy of our email database, please email us if you have changed your email address: info@heavensattic.co.uk.

We do not sell, rent, or exchange your personal information.

We will retain your information for as long as you are registered with us as interested in our services. You can request at any time for your information to be removed from our database by unsubscribing here: https://www.heavensattic.co.uk/unsubscribe/

We have used a third party email provider in the past, but we are not in contractual agreement with anyone at the moment.

When you Contact Us

You may voluntarily contact us with a query or to book an event. On these occasions we use the data you provide to respond to you, and for no other purposes.

Basic Website Usage Statics

We use Google Analytics to give us a rough idea on how many people are using our website.

To reduce concerns with sending tracking data to Google, we honour your browsers "Do Not Track" preference (currently set to allow tracking); and when allowed, we still instruct Google to use IP Anonymization.

Your rights

At Heaven's Attic, we hold very limited information about you. You do however have control over what information we hold about you, how it is used, and whether you are happy for us to keep it. General Data Protection Regulation (GDPR) states that you have:

  • The right to be informed - to know what information we collect about you and why. This Privacy Policy is in response to this right.
  • The right of access - to see what information we hold about you and to verify the lawfulness of our processing of your data.
  • The right to rectification - to rectify the information we hold if it is incomplete or inaccurate.
  • The right to erasure - "to be forgotten"; to have your information removed.
  • The right to restrict processing - to change the way in which we use your data.
  • The right to data portability - to obtain your information in order to transfer it to another service or organisation.
  • The right to object - to object to the way in which we are using your data.
  • The right not to be subjected to automatic decision making including profiling - to have your information removed from any databases subject to automatic decision making processes.

To exercise any of your rights, please contact info@heavensattic.co.uk.

Cookies

Certain parts of our website use cookies, which allow us to remember certain details about using our website.

This table explains the cookies we use, and what they are for:

Website Cookies
Name Description
order Used to remember your order, and the items you have selected.
csrfToken A random value used to protect against CSRF attacks.
lastCategoryMain The last main category viewed; used to keep the navigation highlight.
lastCategorySub The last sub category viewed; used to keep the navigation highlight.
cookieCheck Always set to the value 'true', to check if the browser accepts cookies.

You can set your browser not to accept cookies, however a few features of our website may not work correctly as a result.

For more information about cookies visit https://www.bbc.co.uk/webwise/guides/about-cookies

Secure Certificate

All payment transactions are carried out over an encrypted connection (via TLS). We do this using industry standard technology. The padlock symbol, at the bottom of your browser window confirms this level of encryption. If you click on this, you will see our HTTPS certificate, meaning your data is only visible to us.

How to contact us

Our contact information can be found here: https://www.heavensattic.co.uk/contactUs/

For more information about your legal rights in relation to the information we hold about you, please visit the Information Commissioner's Office at https://ico.org.uk.