Privacy policy

This privacy policy notice is for this website; [www.zheeklayprinting.co.uk] and served by [ZheeKLAY of Market Passage, St Leonards on Sea, TN38 0EF] and governs the privacy of those who use it.

The purpose of this policy is to explain to you how we control, process, handle and protect your personal information while browsing or using this website, including your rights under current laws and regulations. If you do not agree to the following policy you may wish to cease viewing / using this website.

Policy key definitions:

  • "I", "our", "us", or "we" refer to the business, [ZheeKLAY]. "you", "the user" refer to the person(s) using this website.
  • GDPR means General Data Protection Act.
  • PECR means Privacy & Electronic Communications Regulation.
  • ICO means Information Commissioner's Office.
  • HMRC means HM Revenue and Customs (a government agency).
  • Cookies mean small files stored on a users computer or device.
Processing of your personal data

We are exempt from registration in the ICO Data Protection Register because we only process personal data for core business purposes.

Under the GDPR (General Data Protection Regulation) we control and / or process any personal information about you electronically using the following lawful bases.

  • Lawful basis: Legal obligation and Legitimate interests
  • The reason we use this basis: We are required by law (HMRC) to keep financial records, and we need to use an invoice system for our business operation.
  • We process your information in the following ways: Invoices are created and stored within a third party interface i.e. PayPal Business.
  • Data retention period: We will continue to process your information under this basis until you withdraw consent or it is determined your consent no longer exists.
  • We do share your personal information with a third party i.e. with an invoice and payment system provider (PayPal) to enable us create and store invoices and receive payments.
  • Lawful basis: Contract
  • The reason we use this basis: Our legacy image prepping service and our current ad hoc image prepping requests from customers require prepped image files to be stored in customer folders for future use.
  • We process your information in the following ways: Image files are stored in customer folders on a dedicated drive which is password protected.
  • Data retention period: We will continue to house image files under this basis until you withdraw consent or it is determined your consent no longer exists.
  • We do not share your information with third parties.
  • Lawful basis: Legitimate interests
  • The reason we use this basis: To allow us to contact the customer with important information, and request feedback regarding the business.
  • We process your information in the following ways: Store and maintain an email address list of present customers.
  • Data retention period: We will continue to process your information under this basis until you withdraw consent or it is determined your consent no longer exists.
  • We do share your personal information with a third party i.e. Email Marketing Service provider (mailChimp) to enable us to do this.
  • Lawful basis: Legitimate interests
  • The reason we use this basis: Customer image files are stored to refer to incase of any customer queries or greviances.
  • We process your information in the following ways: Customer folders are stored in a secure password protected drive.
  • Data retention period: We will continue to process your information under this basis until you withdraw consent or it is determined your consent no longer exists.
  • We do not share your information with third parties.
  • Lawful basis: Legitimate interests
  • The reason we use this basis: The reason we use this basis: We need to store names and email addresses of parties who have requested a free print sample of their image file for our own reference to ensure there is no request duplication.
  • We process your information in the following ways: Names and email addresses are stored in a secure password protected drive.
  • Data retention period: We will continue to process your information under this basis until you withdraw consent or it is determined your consent no longer exists.
  • We do not share your information with third parties.
Your individual rights

Under the GDPR your rights are as follows:

  • the right to be informed;
  • the right of access;
  • the right to rectification;
  • the right to erasure;
  • the right to restrict processing;
  • the right to data portability;
  • the right to object; and the right not to be subject to automated decision-making including profiling.

You also have the right to complain to the ICO [www.ico.org.uk] if you feel there is a problem with the way we are handling your data.

We handle subject access requests in accordance with the GDPR.

Internet cookies
We do not use cookies on this website. However to enable us to run our business we use third parties that may use cookies. Control of any of these third party cookies are not within our remit therefore you would need to contact the third parties directly to find out further information. Third party service providers we use are mailChimp, PayPal and mailbigfile. We have provided links at the bottom to each of these providers own privacy policies.

Email marketing messages & subscription

Under the GDPR we use the legitimate interests lawful basis for anyone subscribing to our mailing list. We only collect certain data about you, as detailed in the "Processing of your personal data" above. Any emails we send are done so through an EMS, email marketing service provider. An EMS is a third party service provider of software / applications that allows marketers to send out email marketing campaigns to a list of users. Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, I.P addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations will show the activity each subscriber made for that email campaign. Any email marketing messages we send are in accordance with the GDPR and the PECR. We provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences / the information we hold about you at any time. See any marketing messages for instructions on how to unsubscribe or manage your preferences, you can also unsubscribe from all mailChimp lists by sending an email to mandy@zheeklayprinting.co.uk, otherwise contact the EMS provider. Our EMS provider is mailChimp. We hold the following information about you within our EMS system; Email address I.P address Subscription time & date Open and click for a campaign time & date

Resources & further information