WHO WE ARE AND HOW YOU CAN CONTACT US
Our full address is:
Bradda Glen Close
IM9 6PG Port Erin
Isle of Man
Please note that Royale Maps is creating and selling original maps & home decor accessories. As an e-commerce company that sells directly to consumers via this website, we are processing your data to understand user behaviour better and offer you a better experience (with tools like Google Analytics). We also need your data to fulfil your orders and for this we need to submit your data to our fulfilment partners and shipping companies like USPS.
Changes to this Policy and Acceptance
We may update this Policy from time to time. If we do, we will inform you about any major changes, either by notifying you on the site or by sending you an email. If you purchase from our website, that means you accept this policy.
How this Policy Applies
This policy describes the information we collect from you, how we use that information and what our legal basis is for this. We will also explain how we might share this information and your rights regarding any information that you give to us.
Please also refer to our Terms & Conditions.
An exception of this rule is if a consent isn’t possible for technical reasons and the processing of your data is allowed or legally required.
Why we’re collecting data
We are collecting data in accordance with GDPR Article 6, and in particular for the following reasons:
Performing the contract we have with you: we need your personal data to comply with our contractual obligation to deliver our products to you. Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
Consent: in some cases, we process personal data based on the consent you expressly grant to us at the time we collect such data. When we process personal data based on your consent, it will be expressly indicated to you at the point and time of collection.
Legal compliance: sometimes we have to collect and use your data required by law. Tax laws for example require us to retain records of purchases and payments.
Legitimate interests: this is a technical term in data protection law which basically means we have a good and fair reason to use your data and we do so in ways which do not hurt your interests and rights. We sometimes require your data to pursue our legitimate interests in a way that might reasonably be expected as part of running our business and that does not materially impact your rights, freedom or interests. For example, we use identity, device, and location information to prevent fraud and abuse and to keep our services secure. We also analyse how users interact with our website to better understand what elements of the design are working well and which are not working so well. This allows us to improve and develop the quality of the online experience we offer you.
What informations do we collect?
In order for you to interact with us (like contacting us, purchasing from us etc) we need to collect and process information.
Depending on the specific type of interaction with us, the data we collect may include:
Information about your device
Information about your web browser
Some of the cookies that are installed on your device
Information about the individual web pages or products that you view
What websites or search terms referred you to the site
Information about how you interact with the site
With this we create log files. The data from these can be attributed to a user. For example a web link that leads you to our website could include data that could be used to identify you. These data will be saved in our system in the log files.
The lawful basis for data processing is Art. 1 – 1 GDPR.
A cookie is a small file made of letters and numbers that we store via your browser.
We use the following categories of cookies:
Strictly necessary cookies. These are cookies which are needed to make the website work properly. They include, for example, cookies that enable you to log in, use a shopping cart or make secure payments.
Analytical/performance cookies. These allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region). These also allow us to tell if you’ve left any products in your basket without checking out.
Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website relevant to your interests and for advertising and retargeting purposes. We may also share this information with third parties for this purpose (such as Google).
Google Tools (https://policies.google.com/privacy):
Google Analytics: to understand from where users are visiting us and how they navigate our site.
Other information that we store
When you buy a product from us.
We store your full name, address, e-mail address and maybe phone number if you choose to provide it – the more details you provide the more ways we have to contact you regarding your order in case there are problems. We will also send you emails relating to your transactions on our website (order confirmation, tracking number).
We will share your information with our fulfilment company/companies so they can pack your order and label the packages properly
We will share your data with our shipping partners depending on the shipping option you choose this may be DHL, Royal Mail or USPS who then in turn will share the data with sub-companies they work with in your locality. They may use the data you provide to send you updates regarding your order status or contact you in case of any problems.
We will also share the data necessary (Name, Address, Goods purchased and amount) with tax authorities.
Paypal stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Paypal’s Terms of Service or Privacy Statement.
How your information might shared
Your information is not shared publicly.
Information that’s shared with trusted third-party services:
In order to deliver your goods, improve our website and promote our services we have to share your information with third-party services. Examples are payment processors, our shipping partners, our fulfilment company, tools like Google Analytics and more. We may also share information that’s aggregated and anonymised in a way that it doesn’t directly identify you.
Information that’s shared to protect Royale Maps and comply with the law:
We do reserve the right to disclose personal information when we believe that doing so is reasonably necessary to comply with the law or law enforcement, to prevent fraud or abuse, or to protect Royale Map’s legal rights, property, or the safety of Royale Maps, its employees, customers, or others.
Generally, your data will be deleted when the purpose of saving it in the first place has been accomplished unless we have to keep your data on file for legal reasons.
We will save your email address for newsletter purposes until you opt-out of our newsletter. We will keep your personal information for tax authorities (your name, address, products ordered).
We also collect and maintain aggregated, anonymised information which we may retain indefinitely to protect the safety and security of our website, improve our services or comply with legal obligations.
Some of our third party plugins (like Google or Facebook) are US based companies so a data transfer from the EU & Switzerland to the USA happens. All these third party providers are certified under the EU – U.S. and Swiss – U.S. Privacy Shield frameworks, which are a legal mechanism to enable the transfer of personal data from the EEA and Switzerland to the US, where certified organisations guarantee to provide a level of protection in line with EU data protection law.
We give everyone who interacts with us the same rights. These include the right to request:
Deletion (erasure) of your personal data
Correction (rectification) of your data
Access to your data
An export of your data in a common (portable) format
These requests will be addressed by us within 3 weeks, unless they are exceptionally complex or numerous (in accordance with General Data Protection Regulation, Article 12(3)).
You have the right to request that your personal data be erased in certain circumstances. If we receive a request from you to delete your personal data, we will:
Verify that you are you (or in GDPR terms that the requester is the same as the data subject, i.e, the requester is not asking to erase someone else’s personal data).
Confirm there is no legal reason to preserve this data.
If both conditions are satisfied, we will delete the data in our system. In addition to that, we will also work with any relevant third parties to make sure that they delete or anonymise the personal data.
Personal data cannot be erased from our systems while it is:
Associated with a pending order.
Associated with an order made fewer than 180 days before the request (the usual window in which a buyer can make a chargeback).
If the buyer’s personal data cannot be erased for this reason, we will re-submit the deletion request after the appropriate time has passed.
When processing a request for erasure, we will anonymise the personal data of the buyer, but keep non-personal data such as revenue information and order details. Order details that are retained include the gateway used to process payment, time of sale, amount paid, currency, subtotal, shipping cost, taxes added, shipping method, item quantity, item name, SKU, and payment method.
If you ask for it, we will provide you with your personal data upon request. This data will be provided in a commonly used and machine-readable format.
EXCEPTIONS APPLY – we may retain certain information as required by law or as necessary for our legitimate business purposes.
You can opt out of the collection of data by asking us to do via email: firstname.lastname@example.org
Social Sharing tools
Other user behaviour tools
Please note that you can opt out via different methods:
Web Browser Controls
You can prevent the use of certain Tracking Tools, such as cookies using the controls in your web browser. These controls can be found here: Tools > Internet Options (or similar). Through your web browser, you may be able to:
Delete existing Tracking Tools
Disable future Tracking Tools
Set your browser to provide you with a warning each time a cookie or certain other Tracking Tools are being set
Mobile Opt Out
Your mobile devices may offer settings that enable you to make choices about the collection, use, or transfer of mobile app information for behavioral advertising. You may also opt-out of certain tracking tools on mobile devices by installing the DAA’s AppChoice app on your mobile device (for iTunes, visit https://itunes.apple.com/us/app/appchoices/id894822870?mt=8, for Android, visit https://play.google.com/store/apps/details?id=com.DAA.appchoices&hl=en). For more information, please visit http://support.apple.com/kb/HT4228, https://support.google.com/ads/answer/2662922?hl=en or http://www.applicationprivacy.org/expressing-your-behavioral-advertising-choices-on-a-mobile-device, as applicable.
Please be aware of this: some opt-outs are cookie based. This means that when opting-out you will have a cookie placed on your device that lets us know you have opted-out. If you delete your cookies, use a different browser, or use a different device, you will need to renew your opt-out choice.
Emails: We will give you the ability to opt-out of marketing-related emails via a link at the bottom of each such email. You cannot opt-out of receiving certain non-marketing emails regarding the Service. For example if we sell the company, we will also send you an order confirmation and tracking if applicable.
Please note that opting-out of behavioral Advertising does not mean that you will no longer see any online ads. It only means that such ads will no longer be tailored to your specific viewing habits or interests. You may continue to see ads from us.
We work with partners who encrypt the data. For example Paypal and all online stores powered by Woocommerce are Level 1 PCI-DSS compliant. We have agreements with our partners in place who also are GDPR compliant.
However no method of transmission over the internet or electronic storage is completely secure, so we cannot guarantee its absolute security.
Data Protection Authority complaint
Data protection officer
As a small family-run company, we don’t need one.
However you can of course contact us regarding any of this at email@example.com.
People under 18 (or the legal age in your jurisdiction) are not permitted to interact with us on their own. Royale Maps does not knowingly collect any personal information from children under the age of 13 and children under 13 are not permitted to interact with us or buy from us.
If you believe that a child has provided us with personal information, please contact us at firstname.lastname@example.org. If we become aware that a child under age 13 has provided us with personally identifiable information, we’ll delete it.