We are Mosaic Supplies Limited
Our website address is: http://www.mosaicsupplies.co.uk
Your privacy is important to us, we only ask for personal information that is needed to complete your orders and we work to ensure that our systems comply with the General Data Protection Regulation (GDPR).
If you have any questions regarding this document or your data please contact John Adey, our data controller.
What personal data we collect and why we collect it
When orders are placed the following personal information is collected:
- Telephone number
- Email address
This information is required in order to complete customer orders and to answer any questions regarding orders.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Names and email addresses used on contact forms are used only to respond to the forms.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Who we share your data with
Personal data may be shared with approved couriers for the purpose of delivering customers orders and with approved payment service providers for the purpose of processing card payments.
We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Information relating to customer orders is retained for a minimum of 6 years to enable us to answer any questions and to meet the requirements of HMRC.
We do not use personal data from this website to send marketing emails to customers or potential customers. We have a mailing list using Mail Chimp which we use to send occasional emails and this requires your agreement to signing up by responding to an email after the initial sign up. Each email includes instructions to unsubscribe.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
How we protect your data
All hardware on our network is protected to industry standards and all software is regularly updated.
What data breach procedures we have in place
In the event of a data breach customers and the Data Protection Registrar will be informed within 72 hours.
What automated decision making and/or profiling we do with user data
We do not use automated decision making and/or profiling.
If we need to make any changes to this policy your continued use of this site will constitute your acceptance of such change.