GREYES

Your Privacy Matters: Greyes Data Protection Practices

This privacy policy describes the data privacy practices that Greyes Ltd employs concerning the information which you, the customer (‘you’, ‘your’), provide when using https://greyes.art (‘Website’), purchasing Greyes products on another platform such as Etsy or Amazon, or when engaging with Greyes Ltd in any form online or offline. A lot of work has been put into designing this privacy policy and keeping it as clear, comprehensive, and, most of all, as transparent as possible. Please read it carefully so that you are fully aware of what, when and why Greyes Ltd collects your data and how it is stored.

DATA PROTECTION

Greyes Ltd strives to comply with the Data Protection Act 2018 and is registered as a Data Controller with the Information Commissioner’s Office (ICO), which is the UK’s independent regulatory body for Data Protection (DPA) and Freedom of Information (FOIA). Should you have any concerns or need additional information about data protection at Greyes, you can view Greyes’ Data Protection Certificate: visit this link or make a request verbally or in writing by filling up the form here or by sending a letter to the address below:

FOR UK, NON-EU & THE REST OF THE WORLD, WRITE TO:

GREYES LTD
207 Regent Street, Suite 8, Third Floor.
London W1B 3HH, United Kingdom.

FOR EU, WRITE TO:

GREYES LTD
Via Lima, 7, 00198 Roma RM,
Lazio, Italia.

TYPE OF DATA COLLECTED

Greyes Ltd may collect, use, store and transfer in different formats the following types of information about you:

  • Personal identifiers, such as your title, first name, and last name, as well as transactional data like products purchased, the amount spent, email address, telephone numbers, billing and delivery addresses, including bank and credit/debit card details. Such information is needed to process and fulfil your order(s) and return(s)
  • Other personal details or characteristics like age, marital status and gender may be collected for ongoing business development and offer relevant products/services
  • Non-personal information: The website uses Google Analytics, so when you visit Greyes’ website, servers automatically collect non-identifier data, such as your IP address, browser or device you use to access the website, your location, including your country/region, and the specific sections and products that you view. Etsy also offers statistics on listings. GREYES LTD IS UNABLE TO IDENTIFY A PERSON WITH THESE DETAILS, and it is only used to gain a better understanding of Greyes’ visitors and customers
  • Communication and Feedback: This may include any form of interaction or correspondence with Greyes Ltd, including but not limited to private communication like emails, queries, and messages, as well as public posts or comments on social media. Greyes LTD also collects any feedback that you provide us with for customer care and quality improvement
  • Marketing Data: your preferences in receiving marketing and communications
  • To view our Cookie Policy, please click here.

Under the UK General Data Protection Regulation (UK GDPR), the lawful basis Greyes Ltd relies on for processing this information is: Legitimate interest.

KNOW YOUR RIGHTS

You have the right to be informed about how Greyes Ltd collects and uses your personal data, which is the purpose of this privacy notice.

You have the right to access all the information Greyes Ltd holds about you. This can be requested verbally or in writing. Greyes Ltd will provide a copy free of charge. By law, the company has up to one month to provide this. If you need to make changes to the data held about you, you have the right to rectification. Please contact Greyes Ltd, and this will be updated for you. You have the right to portability.

Data Retention: HMRC (HM Revenue & Customs) requires UK businesses to keep company financial records for at least six years from the end of the last financial year. Therefore, if you have been a paying customer during that period, Greyes Ltd will likely hold information about you. Your information will be kept for as long as Greyes Ltd genuinely needs it for legal obligations (e.g., tax purposes), quality and service improvement, business development and market research. If you do not consent to this, you can exercise your right to erasure or right to object. You can make your request verbally or in writing. A written document is recommended as it provides clear proof of your request.

IT IS RECOMMENDED YOU VISIT THE ICO WEBSITE BEFORE STARTING THE PROCESS OF RAISING A CONCERN/COMPLAINT. FOR FURTHER INFORMATION REGARDING YOUR RIGHTS UNDER UK GDPR.

You can raise a concern if you are unhappy with how Greyes Ltd has handled your request or data. In that case, we would be grateful if you could raise a concern with us first, but if you prefer to go directly to the ICO, please click here. Please note that by UK law, the company has up to one month to respond to your concern. You can seek clarification from Greyes Ltd once you have received a response.

If the matter remains unresolved after all these steps, you have the right to make a complaint to ICO. For additional help and information, please contact:

Information Commissioner’s Office (ICO)

Water Lane, Wilmslow

Chesire SK9 5AF

Helpline number: 0303 123 1113

or visit ico.org.uk

HOW, WHEN AND WHY GREYES COLLECTS DATA

HOW: None of your personal data is stored in physical locations, e.g., an office; no physical document with personal information is stored on any Greyes Ltd computers/devices. Greyes Ltd stores all collected data in password-protected files and uses Microsoft 365 OneDrive Business to store such documents securely in the cloud. For enhanced security, Greyes Ltd uses Multi-factor Authentication (MFA) in all its online accounts, and all files are encrypted. Greyes Ltd believes this type of data storage to be fully GDPR-compliant. Please note that Microsoft has its own privacy policy, which you can access by clicking here.

WHEN: Greyes Ltd collects personal information directly from you when you provide this information by: 

  • Contacting Greyes with queries or complaints or to get information about Greyes Ltd, our products and/or services
  • Placing orders on the website, in-store or by telephone;
  • Interacting with us by phone, e-mail or letter, or when you complete a questionnaire or form, online or in-person
  • Engaging with Greyes social media posts through messages or comments
  • Signing up/subscribing to Greyes e-newsletter (you may unsubscribe at any time by contacting Greyes)

Greyes Ltd also receives personal information indirectly from the following sources in the following scenarios:

  • When you place orders on Greyes Etsy Shop, which operates on the Etsy platform. Greyes Ltd has access to personal identifier information on Etsy. Greyes Ltd has access to name, delivery address, the amount spent, products purchased and transactional data analytics like whether the customer used a coupon or the payment method used, but Greyes LTD does not have access to your card/bank details on Etsy.
  • When you purchase Greyes books on Amazon, the platform Greyes LTD uses to sell its books and journals. Greyes Ltd does not receive any personal identifier information from Amazon. Greyes Ltd can only see which country/region the order was from, the amount spent, and the products purchased. Amazon does not grant its sellers access to names, addresses and card/bank details of customers for reasons of their own.
  • When you purchase Greyes products directly from Greyes’ website, Stripe or PayPal processes the payments. This payment handling method provides us with mostly all of your personal data, including some bank/card details, but never the full card number

WHY: Greyes Ltd collects personal data for the following reasons:

  • To provide and conduct core business activities, such as processing and fulfilling orders, returns and customer care
  • To inform you via email regarding your order(s) or to answer your queries, concerns or complaints
  • To notify you about news, special offers, product releases or updates (you may unsubscribe at any time by contacting Greyes)
  • For quality and service improvement, business development and market research purposes
  • For security reasons, e.g., to prevent fraud, protect the rights and safety of Greyes Ltd, its customers and others

Greyes Ltd values and respects your privacy as a person. Rest assured that your personal information will never be traded or sold to any organisation or individual. The company is committed to acting in the best interest of its customers and will not abuse its role as a Registered Data Controller for any commercial gain. However, Greyes Ltd may have to disclose personal data when summoned by law enforcement and/or the government or to prevent/investigate potential fraud and protect the rights and safety of Greyes Ltd, its trading names, the rest of its customers and others. If you provide false or inaccurate information, and fraud is suspected, Greyes Ltd will record this.

Greyes Ltd may share your details with third parties to fulfil your orders and to comply with security requirements (e.g., data protection) or legal obligations if required, but never beyond these purposes. Third parties that may have access to your personal details are:

  • Card processors like Stripe or Paypal, which are necessary to process payments
  • Etsy, which is the platform on which Greyes Etsy Shop operates
  • Amazon, which is the platform that Greyes Ltd uses to sell its books and journals
  • Shipping companies like Royal Mail to ship your items
  • Microsoft 365 OneDrive for Business, which acts as Greyes’ Data Processor

Please note: Greyes Ltd does not have control over how these companies manage and collect data. Therefore, please refer to their privacy policies for further information.

Due to the changing nature of laws, regulations and the content of this website, it is recommended that you visit this page occasionally for any changes. Your continued use of Greyes website will be considered acceptance of any changes made.

Thank you for your trust,

© 2022-2024 Greyes, Greyes Art, or Greyes Publishing are trading names of GREYES LTD. All Rights Reserved.
Registered Company in England and Wales, with Registration No. 14397820 and VAT Registration No. GB427632590. Registered as a Data Controller with the Information Commissioner’s Office (ICO), with Registration No. ZB479825.  Registered Office/HQ for UK & the Rest: 207 Regent Street, Suite 8, Third Floor. London W1B 3HH, United Kingdom. Greyes Italia Office for EU: Via Lima, 7, 00198 Roma RM, Lazio, Italia