What information do we collect?
When a customer account is created, the personal information collected by our website includes: name, address, email, telephone number (if provided) and password. This can be easily accessed via ‘my account page.’ Our website does not store any payment details.
Orders are downloaded and information such as delivery and invoice addresses are only used to process and dispatch orders.
Our website is linked to:
- Google Analytics has tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page. This information just provides us with information about our audience (please see Google’s Privacy & Terms).
- Google Ads which collects a variety of online identifiers, including cookie identifiers, internet protocol addresses and device identifiers (please see Google’s Privacy & Terms).
- Xero is our accountancy software that is certified as compliant with ISO/IEC 27001:2013 which is globally recognized as the premier information security management system (ISMS) standard. The personal information transferred to Xero includes: name, address and email address. No payment details are transferred.
- Mailchimp is our marketing software solely used for newsletters. Information is only passed to Mailchimp if the customer subscribes to receiving marketing information. The personal information transferred to Mailchimp includes: name and email address.
- Recharge is our subscription app that stores customer information when a subscription is purchased this includes name, address, email address and payment information.
How do we collect information?
When you place an order and conduct a transaction on our website, we collect the personal information you give us such as your name, address and email address as part of the process. Your personal information will be only be used in conjunction with your order.
How do we store information?
Our website and accounting systems are stored in the cloud that maintain their own security protocols. Data stored at Jekka's are stored on Microsoft sharepoint behind a firewall.
Payments are processed by Shopify, we do not have access to customers payment or banking details, nor do we store this information. Shopify and our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
When processing payments, Shopify performs automated decision making in conducting risk and fraud screening. This is where Shopify might automatically block a payment card number or IP address after a certain number of unsuccessful payment attempts. The automated blocking lasts only for a short period of time.
Payments over the phone:
If payments are taken over the phone, information is processed directly into the Shopify and the process is equivalent for online payments.
How do we communicate with you?
Customers sign up to our newsletter via a form on our website. Their name and email address are stored in Mailchimp and they have easy access to this data. An unsubscribe button is attached to all of our newsletters.
Customers and account holders are not added to our newsletter subscription, they are required to sign up to this independently and confirm through a "double-opt in" email.
How can you remove your information from our systems?
Please contact us if you wish to have your details removed from our system. Either use our contact form or email firstname.lastname@example.org. Please provide your full name and email address.
We do not share any customer data with a third party nor do we obtain data from a third party.