Privacy Policy

The EU General Data Protection Regulation (GDPR) provides rights to individuals and requires organisations like us to provide information in a clear and transparent way about how we collect, store, and use your personal data.

Who are we?

We are Elin Isaksson Glass, and our registered office is 2 Tannahill Terrace, Dunblane, FK15 0AX, United Kingdom.

As a Data Controller, we are committed to protecting your privacy. This means, at all times, we endeavour to comply with the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003 (amended).

How to contact us?

If you have any questions about this Privacy Policy, please get in touch at:

• dpo@elinisakssonglass.com

• Elin Isaksson Glass, Tannahill Terrace, Dunblane, FK15 0AX, United Kingdom.

When do we collect personal data?

• when you provide contact details to us when requesting information about our services.

• when you place an order from our online shop or book a class.

• when you sign up for our email newsletter.

By submitting your information, you consent to the use of that information as set out in this policy.

What types of personal data do we collect?

• Contact details, including name, phone number, email address, and delivery address.

• All payments are submitted through Stripe or PayPal, so no card details are ever seen or stored.

How do we use your personal data?

• Purpose: to respond to a query or request for services.
  Lawful basis for processing: Legitimate Interest, which we have balanced with the interests of our customers.

• Purpose: to the provide services.
  Lawful basis for processing: Consent, Contract (B2B)

• Purpose: to contact you with opportunities we believe are relevant and of likely interest to you.
  Lawful basis for processing: Legitimate Interest, balanced with the interests of our customers.

• Purpose: to maintain records of prospective, current, and past customers.
  Lawful basis for processing: Legitimate Interest, balanced with the interests of our customers.

• Purpose: to send email newsletters and updates.
  Lawful basis for processing: Consent

We do not collect any special categories of personal data, as defined under the GDPR.

When do we disclose your personal data?

We may disclose your personal data but only if required to do so by law.

Email newsletter

You can unsubscribe at any times by clicking on the unsubscribe link in any such email you receive from us. Alternatively, you can email dpo@elinisakssonglass.com with the word ‘unsubscribe’ in the subject line.

What are my personal data rights?

Individuals have the following rights to their personal data under the GDPR:

Informed – the right to know what personal data is being processed, and for what purpose.

• Access – the right to access the personal data we may hold about you.

• Rectification – the right to have inaccurate personal data rectified or completed.

• Erasure – the right to request us to delete any of your personal data.

• Restrict processing – the right to request the restriction or suppression of personal data.

• Data portability – the right to obtain and reuse personal data for their own purposes across different services.

• Object – the right to object to the processing of personal data in certain circumstances.

• Rights related to automated decision-making, including profiling.

If you would like to exercise any of these rights, or are in any way concerned about the way we have collected and used your personal data, please get in touch and we’ll do our best to help:

If you are unhappy with the way in which we’ve handled your personal data, you have the right to contact the Information Commissioner’s Office.

How do we keep your personal data secure?

We treat the protection of your personal data very seriously and we take all appropriate steps to ensure it’s stored in a secure environment to prevent any unauthorised access.

We may use external data service providers to process personal data on our behalf. Any data transfers between us and external service providers are securely encrypted, and where service providers are located outside the EEA we have additional contractual arrangements in place.

How long do we retain your personal data?

Up to five years from last verification. As required, financial records will be retained for a minimum of six years from the end of the financial year in which the last transaction occurred.