Who am I?

My name is Marion Miller and I am a jeweller and silversmith based in Orkney.

My website address is: https://www.marionmillerjewellery.com.

What personal data I collect and why I collect it

Comments

If you leave comments on the site, it collects the data shown in the comments form, and also your network (IP) address and a browser user agent string to help spam detection. Spam detection and blocking is provided by Antispam Bee. Their privacy policy is available here: https://pluginkollektiv.org/privacy-policy/

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, as part of a comment for example, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

I collect your name and email address through the contact form. I use contact form submissions to communicate with you and to respond to your enquiry. I will retain this data for administrative purposes, but I do not use the information for marketing purposes.

Cookies

If you leave a comment on my site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit the login page, the site will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, the site sets up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if you had visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

My website may use Google Analytics in order to help gather information about how the site is used, how many visitors it receives and where they may be located in the world.  To do this, Google Analytics uses cookies and collects data such as visitors’ IP addresses.  This data is only used to analyse the usage and performance of the website and is not shared with any other third party.

Further information about Google Analytics, your data and privacy can be found here: https://support.google.com/analytics/answer/6004245?hl=en/

Who I share your data with

I only share your data with companies that I use to provide this website or additional services upon which I rely.  I do not share data with third party advertising networks or other organisations that are not directly involved in providing my services.

I currently use services provided by:

How long I retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so the site can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on my website, it also stores the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data I hold about you, including any data you have provided. You can also request that your personal data be erased. This does not include any data I am obliged to keep for administrative, legal, or security purposes.

Where I send your data

Visitor comments may be checked through an automated spam detection service provided by AntiSpam Bee.

Visitor avatars are provided through the Gravatar service provided by Automattic.

Website analytics are provided by Google Analytics.

Contact information

If you have any concerns about your privacy, you can contact my data controller, Adrian Waterworth, by emailing him at: aw@glendrian.com

Additional information

How I protect your data

Data held by this website or its service providers is maintained in secure commercial data centres with regular backups and security audits. Only users or personnel with a legitimate need to access such data are permitted to do so and user access is limited by measures such as secure passwords and two-factor authentication systems.

What data breach procedures I have in place

In the unlikely event of a data breach, system and access logs will allow the extent and nature of the breach to be determined and any further data loss to be blocked. Anyone affected by such a data breach will be kept fully informed as to the nature and extent of any data that may have been released.

What third parties I receive data from

I do not receive identifiable personal data from any third parties.

What automated decision making and/or profiling I do with user data

I do not carry out any user profiling.

The Antispam Bee spam filtering service provides an automated indication of whether a comment or information received from a contact form may be spam, rather than a legitimate message, however these indications are then reviewed by a person before being acted upon.

Industry regulatory disclosure requirements

None

0