• Welcome to Islamic Artwork | السَّلاَمُ عَلَيْكُمْ وَرَحْمَةُ اللهِ وَبَرَكَاتُهُ مرحبا
  • Secure Online Shopping
  • FREE UK Delivery
  • 30 Day Money Back Guarantee
  • 12 Month Warranty
  • FREE Artwork Check

Privacy & Cookies

Last Updated: 9th December 2018

(*Sign in to save settings)

 

PRIVACY POLICY

General Data Protection Regulation

 

What is GDPR?

The acronym GDPR stands for General Data Protection Regulation.  On the 25th May 2018, the current Data Protection Act 1998 will be replaced and GDPR will take effect.  This regulation is a legal act of the European Union (EU) that becomes immediately enforceable as law in all member states simultaneously.

Why is GDPR important?

The purpose of GDPR is to improve protection of EU subjects’ rights and clarifies what companies that handle and process personal data must do to safeguard these rights.  GDPR is designed to:

  • harmonise data privacy laws across EU
  • to protect and empower all EU citizens data privacy
  • standardise companies approach in handling data privacy

What about Brexit?

Although the United Kingdom has decided to leave the European Union, GDPR will remain enforce after exit.

 

Islamic Artwork Ltd

This privacy policy sets out how we collect, store, use and protect personal data information when you use this website in compliance with GDPR framework.  We are committed to ensuring that your privacy is protected.  Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that data will only be used in accordance with this privacy statement.

1. islamicartwork.co.uk

Our website is hosted on a web server integrated with Secure Socket Layer (SSL) and Advanced Encryption Service (AES) offering maximum 256-bit data encryption.

2. Personal data we collect

We will only collect information deemed necessary for order fulfilment, communication, warranty entitlement and accountancy purposes. We will only store data you have consented to provide and will not seek or store personal data from alternative sources.

We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:

  • Internal order processing
  • Improve our products and services
  • With consent, we may periodically send promotional emails about new products, special offers or market research purposes.  We will only contact you via preferred communication channels; email, telephone, fax or post.
  • We may use the information to customise our website according to your interests

2.1 Purpose: To register your customer account

2.1.1 Data source:

  • Title
  • Full Name
  • Job Title (*commercial orders)
  • Company Name (*commercial orders)
  • Customer Address
  • Delivery Address
  • Email Address
  • Telephone Number

2.1.2 The legal basis for us processing this data is ‘Performance of a contract’:

We will ask you for this data to allow us to create an account for you on our website.  Registration is mandatory as this will provide access to online order history.  Identification of this data is required as we need to know who our customers are.

2.1.3 Where will this data be stored:

  • In our secure database: 1&1 Internet Web Hosting Services (Germany)
  • Company registered secure computers and storage devices/units (United Kingdom)

2.1.4 How long will we keep this data:

For as long as you are a registered customer.

2.2 Purpose: Order processing and provisioning of services

2.2.1 Data source:

  • Title
  • Full Name
  • Job Title (*commercial orders)
  • Company Name (*commercial orders)
  • Customer Address
  • Delivery Address
  • Email Address
  • Telephone Number
  • IP Address

2.2.2 The legal basis for us processing this data is ‘Performance of a contract’:

We need this information to process orders efficiently ensuring products are delivered to the intended recipient.  In exceptional circumstances, IP address may be used for fraud investigation purposes.

2.2.3 Where will this data be stored:

  • In our secure database and e-mail: 1&1 Internet Web Hosting Services (Germany)
  • Company registered secure computers and storage devices/units (United Kingdom)
  • 3rd party suppliers (GDPR compliant)
  • Preferred couriers; Royal Mail & DPD (excluding IP Address)

2.2.4 How long will we keep this data:

For as long as you are a registered customer.

2.3 Purpose: Payment Processing

2.3.1 Data source:

  • Title
  • Full Name
  • Customer Address
  • Payment details

2.3.2 The legal basis for us processing this data is ‘Performance of a contract’:

Accepted Forms of Payment:

  • Cash
  • Debit/Credit cards
  • Bank Transfers
  • Cheques (payable to ‘Islamic Artwork Ltd’)

Our website is integrated with HSBC’s preferred payment gateway providing you with peace of mind.  Once you are ready to checkout you will be redirected to Global Payments platform wherein you will need to enter card number, name, valid from date and/or expiry date plus three digit code on the back of the card.  Global Payments will authorise payment remotely on their secure servers and upon successful payment automatically redirect you back to our site to confirm the order.  Rest assured, at NO POINT will we have sight of transaction details or store your payment card details on our systems.  Once approved, we will commence order processing activities. 

The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organisations that handle branded credit cards from the major card schemes including Visa, MasterCard, American Express, Discover, and JCB.  Keeping our systems secure ensures customers can trust us with their sensitive payment card information. Compliance confirms we are part of the solution – a united, global response to fighting payment card data compromise.

Click link to view PCI DSS Compliance Certificate

2.3.3 Where will this data be stored:

  • Global Payments UK Ltd
    • 51 De Montfort Street
      Leicester
      LE1 7BB
    • ICO Data Protection Registration Number: Z1410416

2.3.4 How long will we keep this data:

For as long as you are a registered customer.

2.4 Purpose: Communication of products and services

2.4.1 Data source:

  • Title
  • Full Name
  • Job Title (*commercial orders)
  • Company Name (*commercial orders)
  • Customer Address
  • Delivery Address
  • Email Address
  • Telephone Number

2.4.2 The legal basis for us processing this data is ‘Performance of a contract’:

We need to ensure communication channels are available between us to keep you updated of products and services i.e. newsletter.  This will be based on consent from you to receive such information and we will use preferred communication channels. Our suppliers will not contact your directly as the consent will be given to us only.

2.4.3 Where will this data be stored:

  • In our secure database and e-mail: 1&1 Internet Web Hosting Services (Germany)
  • Company registered secure computers and storage devices/units (United Kingdom)

2.4.4 How long will we keep this data:

For as long as you provide consent.

2.5 Purpose: To communicate relevant changes to our organisation which may impact you

2.5.1 Data source:

  • Title
  • Full Name
  • Email Address

2.5.2 The legal basis for us processing this data is ‘Performance of a contract’:

We need this information to keep you updated of impact of organisational changes which may impact service levels.  An example of this is updates to our Terms and Conditions page which forms the basis of contract between you and us when you place an order.  We do recommend you bookmark this page and review regularly to ensure you are happy with changes.  We have specified e-mail address as there may be exceptional circumstances where we may need to notify you quickly of impending changes.

2.5.3 Where will this data be stored:

  • In our secure database and e-mail: 1&1 Internet Web Hosting Services (Germany)
  • Company registered secure computers and storage devices/units (United Kingdom)

2.5.4 How long will we keep this data:

For as long as you are a registered customer.

2.6 Purpose: Accounts and UK HMRC Taxation Compliance

2.6.1 Data source:

  • Title
  • Full Name
  • Job Title (*commercial orders)
  • Company Name (*commercial orders)
  • Customer Address
  • Delivery Address
  • Email Address
  • Telephone Number
  • Purchases and Invoices

2.6.2 The legal basis for us processing this data is ‘Legal Obligation’:

We need this information for accounting purposes and to ensure we are meeting HMRC obligations.

2.6.3 Where will this data be stored:

  • In our secure database and e-mail: 1&1 Internet Web Hosting Services (Germany)
  • Company registered secure computers and storage devices/units (United Kingdom)
  • Accountants (United Kingdom): 
    • Mibsons Limited
      180 Birmingham Road
      West Bromwich West Midlands
      B70 6QG
    • ICO Data Protection Registration Number: Z2016711

2.6.4 How long will we keep this data:

For as long as you are a registered customer.

By law, VAT records have to be kept for six years after accounting period.

3. Your rights under GDPR

The GDPR provides the following rights for individuals:

3.1 The right of access

You may request details of personal data we hold about you free of charge.

3.2 The right to be informed

Transparency on how we collect, store and use your personal data.

3.3 The right to rectification

If we hold incorrect or incomplete data you may submit a request to update information to ensure accuracy.

 

3.4 The right to erasure (‘right to be forgotten’)

If you no longer want us to hold your personal data you may submit review request to delete your account and associated data.  If there are any operational or legal reasons which may impact your request we will contact you.

 

3.5 The right to restrict processing

Where applicable, you have the right to restrict processing of personal data.

3.6 The right to data portability

You have the right to request transfer of personal data we hold to another organisation in a common media format.

 

3.7 The right to object

In certain cases, we may ask you to provide ‘opt-in’ consent for processing personal data i.e. direct marketing.  On this basis, we will not have any relevant options pre-selected.  You will also have the right to withdraw consent at anytime.

3.8 Rights in relation to automated decision making and profiling

Automated individual decision-making wherein a decision is made solely by automated means without any human involvement.

Profiling wherein automated processing of personal data is used to evaluate certain things about an individual.

4. Consent

We may ask you to provide consent for specific actions which must be viewed as independent consent from other requests on our website:

  • In order for us to communicate with you regarding products and services i.e. invoices, direct marketing.  Where applicable, we will present you with clear ‘opt-in’ options to choose from.  We will ensure no options in this instance are pre-checked by default
  • Consent from Children:
    • In the UK, consent can only be given by children over the age of 13 years (We reserve the right to request identification as proof)
    • In the EU, consent can only be given by children over the age of 16 years (We reserve the right to request identification as proof)
    • If children are under the age restrictions specified we reserve the right to contact parents to verify age and provide consent on behalf of children
    • If we suspect data provided is inaccurate we reserve the right to contact parents for verification purposes
  • Consents may be reviewed at any time and you have the option to withdraw consents at any time by contacting Data Protection Officer
  • We will retain data consent for as long as you are a registered user
  • Audit trail will be maintain specifying title, name,  consent option, date and time when consent was provided
  • To ensure best practice, under the guidance of the Information Commissioners Office data consent will be subject to review every two years and any associated documents will be updated accordingly

5. Contact Details

5.1 Processing Your request

Data Protection Officer:

Mr Mahmood Ravat | Tel: 0791 273 3521 | E-Mail: info@islamicartwork.co.uk

Registered Business Address:

76 New Mills Street, Walsall, West Midlands, WS1 4LF, United Kingdom.

Note:

  • We will ask you to prove your identity in the form of photographic identification such as a driving license or passport plus address confirmation such as utility bill to confirm we are dealing with the right person before we take any action.
  • We will not discuss your personal data with third parties.
  • In exceptional circumstances, we may require legal guidance to process your request.

As per GDPR guidelines, we will respond to your request within 30 days.  If we are unable to process your request we will provide you with reasons as to why the request was not completed.

5.2 Complaints

If you are not happy about the way we are processing or handling your personal data, in the first instance please raise your concerns directly with us and we will respond accordingly. 

If your are not satisfied with our response, you may contact Information Commissioner’s Office (ICO) which acts as the independent authority in the United Kingdom:

Islamic Artwork Ltd – ICO Registration Certificate: ZA357757 

Helpline: 0303 123 1113

E-mail: casework@ico.org.uk

ICO Website: 

Postal Address:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

6. Controlling your personal information

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. 

We will not sell your personal information to third parties.

If required by law, we may be asked to share your data with Information Commissioner’s Office and Law Enforcement agencies.  In this instance, we will notify you of this action.

7. Terms & Conditions

This is the framework by which we operate and as such we advise you to carefully read, understand and agree to our Terms & Conditions as a basis for ordering products and services.

8. Links To Other Websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

COOKIE POLICY

A cookie is a small file which asks permission to be placed on your computer’s hard drive. The file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences and providing anonymised site statistics to third party applications.

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

1. Strictly Necessary

These cookies are required for our website features to operate effectively and meet legal requirements.

Cookie Name:Duration:Purpose:
eucookielaw30 daysEU Cookie Law banner

2. Performance

To help us improve our products and services cookies are used to store anonymous data.

Cookie Name:Duration:Purpose:
tk_aiSessionStores a randomly-generated anonymous ID. This is only used within the administration consoles and is used for general analytics.

3. Functional

This type of cookies are used to store your preferences to enhance your experience.

Cookie Name:Duration:Purpose:
CONSENT, NID19 yearsThis is a 3rd party cookie from Google which uses a unique ID to remember your preferences.
Browser Add-on: Google Analytics Opt-out
wordpress_logged_in*SessionUsed to check whether current visitor is a logged in WordPress.com user

wp-settings-{id},

wp-settings-time-{id}

1 YearUsed to persist a user’s administration configuration

4. Unclassified

We are in the process of classifying individual cookies with our service providers.

Cookie Name:Duration:Purpose:
tk_lr 1 yearUnclassified
tk_or 5 yearsUnclassified
tk_r3d 2 daysUnclassified

5. Additional References

If you would like further information on Cookies and how to manage them in your browser, please refer to AllAboutCookies.org.

(*Sign in to save settings)