Who am I?
My name is Marion Miller and I am a jeweller and silversmith based in Orkney.
My website address is: https://www.marionmillerjewellery.com.
What personal data I collect and why I collect it
If you upload images to the website, as part of a comment for example, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
I collect your name and email address through the contact form. I use contact form submissions to communicate with you and to respond to your enquiry. I will retain this data for administrative purposes, but I do not use the information for marketing purposes.
If you leave a comment on my site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit the login page, the site will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, the site sets up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if you had visited the other website.
Further information about Google Analytics, your data and privacy can be found here: https://support.google.com/analytics/answer/6004245?hl=en/
Who I share your data with
I only share your data with companies that I use to provide this website or additional services upon which I rely. I do not share data with third party advertising networks or other organisations that are not directly involved in providing my services.
I currently use services provided by:
- Antispam Bee (Spam detection and blocking)
- Automattic (Gravatar service for profile pictures)
- Google (Google Analytics to analyse usage and performance of site)
How long I retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so the site can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on my website, it also stores the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data I hold about you, including any data you have provided. You can also request that your personal data be erased. This does not include any data I am obliged to keep for administrative, legal, or security purposes.
Where I send your data
Visitor comments may be checked through an automated spam detection service provided by AntiSpam Bee.
Visitor avatars are provided through the Gravatar service provided by Automattic.
Website analytics are provided by Google Analytics.
If you have any concerns about your privacy, you can contact my data controller, Adrian Waterworth, by emailing him at: [email protected]
How I protect your data
Data held by this website or its service providers is maintained in secure commercial data centres with regular backups and security audits. Only users or personnel with a legitimate need to access such data are permitted to do so and user access is limited by measures such as secure passwords and two-factor authentication systems.
What data breach procedures I have in place
In the unlikely event of a data breach, system and access logs will allow the extent and nature of the breach to be determined and any further data loss to be blocked. Anyone affected by such a data breach will be kept fully informed as to the nature and extent of any data that may have been released.
What third parties I receive data from
I do not receive identifiable personal data from any third parties.
What automated decision making and/or profiling I do with user data
I do not carry out any user profiling.
The Antispam Bee spam filtering service provides an automated indication of whether a comment or information received from a contact form may be spam, rather than a legitimate message, however these indications are then reviewed by a person before being acted upon.
Industry regulatory disclosure requirements