GDPR and Privacy Policy
Marcia Young Art is committed to respecting and protecting your privacy and complying with the GDPR law. Collecting personal information such as name, address and contact details only for the purposes of fulfilling your order. In addition, UK tax law requires to retain information for a minimum of 6 years following a transaction.
Marcia Young Art will never share your information with any other companies or organisations unless required by law to do so. If you believe any of your details are inaccurate please get in contact and Marcia Young will endeavour to change incorrect information as soon as possible. You have the right to ask to see the details that is hold about you and to ask to have it delete these at any time (subject to mandatory information requirements related to HMRC or similar bodies). If you wish to raise a complaint on how we have handled your personal information, please contact Marcia Young Art.
If you are not satisfied with the response or believe processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office ICO : https://ico.org.uk
When purchasing an item, you will be forwarded to the payment processing company. Marcia Young does not store any financial information (such as credit or debit card numbers) about you on Marcia Young Art website. Stripe is an e-commerce platform to process orders. you can find their privacy policy below. Stripe collects the IP address from which the order is made and Via Stripe hold information on the number of orders, the value of those orders. Stripe holds your IP address to help with fraud prevention.
Resources and further information
https://www.squarespace.com/privacy
https://stripe.com/gb/privacy
https://mailchimp.com/legal/privacy/
https://policies.google.com/privacy
General Data Protection Regulation (GDPR)EU 2016/679
Privacy and Electronics Communications Regulations 2003
Data protection Act 1998
Stripe Privacy Code. Stripe services that enable platforms and merchants to run businesses, and to safely conduct online payment transactions.
Stripe has updated its Privacy Policy and Cookie Policy effective April 28, 2020. In the Privacy Policy, we have clarified our use of data, including that Stripe does not use, share, rent, or sell the personal data of our users’ customers for interest-based advertising. We’ve also made it clear that in the event of any sale of Stripe or its assets, the buyer will continue to be bound by the terms of the Privacy Policy. We’ve also added more information about the cookies we use in our Cookie Policy.Stripe respects the privacy of everyone that engages with our platform, and are committed to being transparent about our privacy processes and policies. We are a platform that enables millions of businesses, and in order to provide our services to our users, we collect and process personal data.
Below is The Stripe Privacy code that contains the answers to frequently asked questions about how we collect and use personal data, the rights that individuals have in relation to personal data held by Stripe, and how Stripe complies with international data protection laws.
1. What is the GDPR?
The General Data Protection Regulation, or “GDPR”, is a European data law that is the most important change in data privacy regulation in decades. Stripe published the General Data Protection Guide to help our users understand the GDPR’s widespread consequences, the opportunity it affords to improve data processing activities, and how to become and remain GDPR-compliant.
2. How can I exercise my data subject access rights under the GDPR?
Under the General Data Protection Regulation (GDPR), residents of the EU may exercise certain rights regarding their personal data. If you would like to make a data subject access request, please contact dpo@stripe.com.
3. Does Stripe retain personal data?
As a provider of payment services, Stripe is required to comply with many regulations including anti-terrorism and anti-money laundering laws. Some of these regulations and laws require Stripe to retain transaction records for a prescribed period of time. Read more about our data retention process in our Privacy Policy.
4. Does Stripe have a Data Protection Officer (DPO)?
Yes, Stripe has appointed a DPO and they can be reached via dpo@stripe.com.
5. Who are Stripe’s sub-processors and how are they vetted?
Stripe identifies, evaluates, and engages sub-processors through our vendor management program. We enter into a contract with each sub-processor prior to sharing data with the sub-processor, and each contract contains terms that provide for monitoring and audit. In addition, all potential vendors are vetted and approved through Stripe’s security review process before we begin using their services.
We maintain a list of our current sub-processors.
6. What is a Data Processing Agreement (DPA) and how can I get one with Stripe?
A data processing agreement is a contract between a data controller and a data processor, which describes the roles and responsibilities of the parties when personal data is processed. Article 28 of the GDPR sets out a number of requirements that a data processing agreement must satisfy in order to be compliant with European data privacy law.
We have made a Data Processing Agreement (DPA) available to Stripe users. When you’re logged in to your Stripe account you can review and accept the Stripe DPA.
7. How does Stripe transfer European personal data?
At Stripe we care deeply about the protection of our users’ data and we’ve looked closely at how to ensure that we remain compliant with evolving European law regarding transfers of European personal data.
Stripe’s services in Europe are provided by a Stripe affiliate—Stripe Payments Europe Limited (“Stripe Payments Europe”)—an entity located in Ireland. In providing Stripe Services, Stripe Payments Europe transfers personal data to Stripe, Inc., in the U.S. To ensure the adequate protection of personal data, we have certified to the EU-U.S. and Swiss-U.S. Privacy Shield Framework. For more information, please read our Privacy Shield Policy. In addition to Privacy Shield, Stripe continues to employ additional compliance measures to ensure an adequate level of protection of personal data transferred outside the European Economic Area.
Our aim is to ensure that Stripe remains compliant with European data protection laws and also to assist our users in doing so.
Security
We are also committed to keeping your information secure and have put in place suitable physical, electronic and administrative procedures to safeguard the information we collect via the website. At times the website may contain links to other sites where we cannot be responsible for the protection and privacy of any information you provide there. Please exercise caution and check the security and privacy statements of other websites.
https://www.squarespace.com/privacy Policy & Cookies Updated Date: July 7, 2020
Squarespace (“Squarespace”, “we”, “us” or “our”) respects your privacy. When it comes to your personal information, we believe in transparency, not surprises. Please view on https;//www.squarespace.privacy policy to view what personal information we collect, what we do with it and your choices and rights.
By using any of Squarespace’s Services, you confirm you have agreed to the Terms of Service and read and understood this Privacy Policy and our Cookie Policy.
This website Marcia Young Art uses cookies and similar technologies, which are small files or pieces of text that download to a device when a visitor accesses a website or app.
For information about viewing the cookies dropped on your device, visit The cookies Squarespace uses.
These functional and required cookies are always used, which allow Squarespace, our hosting platform, to securely serve this website to you.
These analytics and performance cookies are used on this site, as described below, only when you acknowledge our cookie banner. We use analytics cookies to view site traffic, activity, and other data
Customer accounts & Visitor data
Marcia Young Art shares this essential information with Squarespace.com, the website hosting provider, so that Marcia Young Art can provide website services to us. When you buy something on this website, Marcia Young collect personal information from you to fulfill the order. We may collect information like your:
Billing and shipping address
Details relating to your purchase
Email address
Name
Phone number
As you go through checkout, this site may auto-complete your shipping and billing address by sharing what you type with the Google Places API and returning suggestions to you to improve your checkout experience.
This website is hosted by Squarespace.com. Squarespace collects personal data when you visit this website, including:
Information about your browser, network and device
Web pages you visited prior to coming to this website
Your IP address
Squarespace needs the data to run this website, and to protect and improve its platform and services. Squarespace analyzes the data in a de-personalized form.
Resources and further information
https://www.squarespace.com/privacy
https://stripe.com/gb/privacy
https://mailchimp.com/legal/privacy/
https://policies.google.com/privacy
General Data Protection Regulation (GDPR)EU 2016/679
Privacy and Electronics Communications Regulations 2003
Data protection Act 1998