PRIVACY POLICY

Welcome to The Outer Muse! Thank you for your interest in our company, website and shop. The protection of your personal data is important to us. We process your data in accordance with the UK`s Data Protection Act (DPA) and the General Data Protection Regulation (GDPR) and this Privacy Policy.

This Privacy Policy explains which personal data we collect from you via our website, what we use it for, when we delete it and how your data is protected. In addition, we will inform you of the respective legal basis that allows us to process your data. Finally, we will also tell you about your rights in connection with the processing of your data.

Personal data is information that makes it possible to identify a natural person. This includes in particular, your name, date of birth, address, telephone number, e-mail address, but also your IP address. Anonymous data exists if no personal reference to the user can be made.

The responsible party in terms of data protection law is:

The Outer Muse

Bristol, UK

Web: www.theoutermuse.com

E-mail: info@theoutermuse.com

Etsy: https://www.etsy.com/uk/shop/TheOuterMuse

Facebook: https://www.facebook.com/The-Outer-Muse-106777931046938/

Instagram: https://www.instagram.com/the.outer.muse.art/

TikTok: https://www.tiktok.com/@the.outer.muse.art

YouTube: https://www.youtube.com/channel/UCYiSebohxIhJn_VXgXhqgiA

Data collection

All personal data that we obtain from you via the website will only be processed for the purposes described in more detail below. This is done within the framework of the respective legal regulations mentioned or only with your consent.

In particular, Art. 6 GDPR specifies when data processing is permitted. The Outer Muse collects personal data if:

you have given your consent (Art. 6 para. 1 lit. a GDPR),
the data is necessary for the fulfilment of a contract / pre-contractual measures (Art. 6 para. 1 lit. b GDPR),
the data is necessary for the fulfilment of a legal obligation (Art. 6 para. 1 lit. c GDPR) or
the data is necessary to protect the legitimate interests of our company, provided that your interests worthy of protection are not overridden (Art. 6 para. 1 lit. f GDPR). Storage duration or criteria for determining the duration

The Outer Muse processes and stores your personal data only for the period of time required to achieve the respective processing purpose or for as long as a legal retention period (in particular commercial and tax law) exists. Once the purpose has been achieved or the retention period has expired, the corresponding data is routinely deleted.

Data transfers

In certain cases, it is necessary to transmit the processed personal data in the course of data processing. In this respect, there are different recipient bodies and categories of recipient.

Internal

If necessary, we transfer your personal data within The Outer Muse. Of course, we comply with the associated legal framework and ensure that your data is processed properly. Access to your personal data is only granted to authorised employees who need access to the data due to their job, e.g., to fulfil your order or to contact you in case of queries.

External bodies

Personal data is transferred to the following categories of recipients, in compliance with legal requirements:

Service providers in the context of fulfilment processing.
Shipping service providers, suppliers, payment services
Companies that provide marketing services
Service providers within the scope of communication systems
State authorities and institutions as far as this is required or necessary.

Secure transmission of your data

In order to protect the data stored with us in the best possible way against accidental or intentional manipulation, loss, destruction or access by unauthorised persons, we use appropriate technical and organisational security measures. The security levels are continuously reviewed in cooperation with security experts and adapted to new security standards.

Links to other providers

Our website also contains - clearly recognisable - links to the websites of other companies. As far as there are links to websites of other providers, we have no influence on their contents. Therefore, no guarantee or liability can be assumed for these contents. The respective provider or operator of the pages is always responsible for the content of these pages. The linked pages were checked for possible legal violations and recognisable infringements at the time of linking. Illegal contents were not recognisable at the time of linking. However, permanent monitoring of the content of the linked pages is not reasonable without concrete indications of a legal violation. Such links will be removed immediately if infringements of the law become known.

Data subject rights

We are happy to inform you below about the rights to which you as the person concerned may be entitled to free of charge.

Information

We will be happy to inform you whether and if so which of your personal data we have and are processing.

Correction

If we have stored incorrect personal data, we will of course be happy to correct it.

Restriction

You can have the processing of your personal data restricted under certain legal conditions. This is the case, for example, if you dispute the accuracy of the data we have.

Deletion

We will be happy to delete your personal data independently of our deletion management on individual request, provided that this is possible for us for legal reasons.

Objection

You can object to the data processing operations carried out by us on your personal data, which are based on a consideration of interests, by stating specific reasons.

Revocation

If you have given us consent for data processing, you can of course revoke this without giving reasons with effect for the future.

Data portability

We will be happy to provide you, or a third party named by you with the personal data relating to you which we have received in the course of concluding a contract or consent and which is based on an automated data processing procedure in a common and generally machine-readable format.

You can assert your data subject rights at any time via the contact options mentioned or by emailing us at info@theoutermuse.com.

Right of complaint Supervision

You are of course free to contact the supervisory authority that applies to you at any time. Alternatively, you can also contact our supervisory authority, which is:

The Information Commissioner`s Office (ICO) located at Wycliffe House, Water Ln, Wilmslow SK9 5AF, UK (www.ico.org.uk)

We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us using info@theoutermuse.com in the first instance.

Log files

As mentioned above, we want to provide you with an optimal user experience on our website and our online shop. To this end, the following data is collected anonymously for the purpose of demand-oriented design and optimisation of this website:

Information on the device used (e.g., operating system, browser, screen resolution, language set.
Information on pages viewed during the website visit (e.g., category or product detail pages)
Information within the ordering process (e.g., order number, delivery and payment method, shipping and/or billing address)
Information on access data (e.g., entry via email newsletters, other websites or online advertising measures).

The scope of the stored and processed data is limited purely to the performance of statistical evaluations. Your IP address is made unrecognisable immediately after receipt, which means that it is not possible to assign usage profiles to IP addresses.

The collection of the data is necessary from a technical point of view in order to continuously optimise the functions as well as the presentation of our website on different devices, operating systems and browsers and to be able to make our offer more interesting for you as a user and is therefore based on the legitimate interest according to Article 6, paragraph 1, lit. f of the GDPR.

In order to make visiting our website more attractive and to enable the use of certain functions, we use so-called cookies. These are small text files that are stored on your terminal device and store certain information for exchange with our system. The legal basis for the processing of this data is Art. 6 (1) sentence 1 lit. f GDPR. For further details on the cookies, we use please read our Cookie Policy.

Hosting

To provide our website, we use the services of the homepage provider Wix.com Ltd, Namal 40, 6350671 Tel Aviv, Israel. Hereinafter referred to as "wix.com". The registered office in Europe: Wix.com Luxembourg S.a.r.l., 5 Rue Guillaume Kroll, L - 1882 Luxembourg. Wix.com collects two types of data: personal data (which can be used to uniquely identify an individual) and non-personal data (which is not used for identification purposes). Wix.com collects such information about our users and visitors, as well as users of users and others who provide it to us. Wix.com may also collect, solely for and in the interest of our users, similar data related to visitors and users of our users' web sites or services. Wix.com collects and uses data to provide our services and make them better and safer, as well as to contact our visitors and users and to comply with legal requirements applicable to Wix.com.

Wix.com may store and process personal data in the United States, Europe, Israel or other jurisdictions - either itself or through our affiliated companies and service providers. The data storage providers with whom Wix.com works are contractually obligated to protect your data. Wix.com may also collect, process and store such data in other locations, including the United States.

Wix may collect and process data about our users. We do so solely on behalf of and at the direction of our users. Our users are solely responsible for their users of user’s data, including for its legality, security and integrity. Wix has no direct relationship with users of users.

We may share the data of our visitors, users and their users of users with various third parties, including certain service providers, law enforcement agencies and application developers. In doing so, the data may only be shared in accordance with this policy.

The legal basis for the data processing is our legitimate interest in providing our web site in accordance with Art. 6 para. 1 f) GDPR.

Newsletter

On our website, users are given the opportunity to subscribe to our newsletter. In principle, our newsletter can only be received by the data subject if he or she registers for the newsletter mailing. For legal reasons, a confirmation email is sent to the email address entered by a data subject for the first time for the newsletter dispatch using the double opt-in procedure. This confirmation e-mail serves to verify whether the owner of the e-mail address as the data subject has authorised the receipt of the newsletter.

When registering for the newsletter, we also store the IP address of the device used by the data subject at the time of registration as well as the date and time of registration, which is assigned by the Internet service provider (ISP). The collection of this data is necessary in order to be able to trace the (possible) misuse of the e-mail address of a data subject at a later date and therefore serves our legal protection.

The personal data collected in the context of a registration for the newsletter is used exclusively for sending our newsletter. Furthermore, subscribers to the newsletter could be informed by e-mail if this is necessary for the operation of the newsletter service or a related registration, as could be the case in the event of changes to the newsletter offer or changes to the technical circumstances.

The processing of your e-mail address is thus based exclusively on your consent (Art. 6 para. 1 p. 1 lit. a) GDPR). You can revoke this consent at any time. An informal communication by e-mail to us using info@theoutermuse.com is sufficient for this purpose. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation. The provider of our Newsletter is also wix.com.

Contact options

We process and store the personal data provided in the contact enquiry solely for the purpose of processing and responding to your enquiry and contacting you. The legal basis for the processing of your personal data is Art. 6 para. 1 lit. b) GDPR.

If you write to us via e-mail, we will process the data you provide in the e-mail in order to contact you and answer your questions and requests. In doing so, the principle of data economy and data avoidance is observed in that you only have to provide the data that we absolutely need from you in order to contact you. These are usually your first and last name, your e-mail address, the topic selection and the message field itself. In addition, your IP address is processed out of technical necessity and for legal protection.

Social media

We maintain presences in the above-mentioned social media accounts. Insofar as we have control over the processing of your data, we ensure that they comply with applicable data protection regulations. However, you use these platforms and their functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g., commenting, sharing, rating). With your consent, data may be transferred to a third country outside the EU, which may have a lower level of data protection than the EU (Art. 49 para. 1 p. 1 lit. a GDPR). We maintain our social media profiles in order to communicate with visitors to these profiles es and to inform them about our offers in this way.

In addition, we collect data for statistical purposes in order to be able to further develop and optimise the content and to make our offer more attractive. The data required for this purpose (e.g., total number of page views, page activities and data provided by visitors, interactions) are processed and made available by the social networks. We have no influence on the generation and presentation of this data.

In addition, your personal data is used by the providers of the social media, but also by usfor market research, communication and advertising purposes. It is possible, for example, that usage profiles are created based on your usage behaviour and the resulting interests. This allows, among other things, advertisements to be placed within and outside the platforms that presumably correspond to your interests. Cookies are usually stored on your computer for this purpose. Independently of this, data that is not directly collected from your end devices may also be stored in your usage profiles. The storage and analysis also takes place across devices; this applies in particular, but not exclusively, if you are registered as a member and logged in to the respective platforms.

We do not collect or process any other personal data.

The processing of your personal data by us is based on our legitimate interests in effective information and communication pursuant to Art. 6 (1) sentence 1 lit. f GDPR.

If you are asked for consent to data processing, i.e., if you declare your consent by confirming a button or similar (opt-in), the legal basis of the processing is Art. 6 (1) sentence 1 lit. a., Art. 7 GDPR.

If you are a member of a social network and do not want the network to collect data about you via our website and link it to your stored membership data with the respective network, you must

log out of the respective network before visiting our fan page
delete the cookies on your device and
close and restart your browser

After logging in again, however, you will once more be recognisable to the network as a specific user.

For a detailed description of the respective processing and the opt-out options, please refer to the information linked below:

Facebook

Opt-out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com

Instagram

Opt-Out: http://www.networkadvertising.org/managing/opt_out.asp and http://www.youronlinechoices.com

Youtube

Opt-Out: https://tools.google.com/dlpage/gaoptout?hl=en and http://www.youronlinechoices.com

TikTok

Opt-Out: http://www.networkadvertising.org/managing/opt_out.asp and http://www.youronlinechoices.com

Since we do not have complete access to your personal data, you should contact the providers of the social media directly if you wish to assert your rights, as they each have access to the personal data of their users and can take appropriate measures and provide information.

Shopping in the online shop

In our online shop we offer you two options for purchase processing:

Creation of a customer account
Placing an order as a guest

For both registration options, the data required for order and payment processing and fraud prevention are requested, marked as mandatory fields:

Name, street, postcode, city, telephone number and e-mail address.
if the delivery address is different, the name, street, postcode and town are requested separately.
In addition, the user's IP address, the date and time of registration are stored (technical background data).

a) Creation of a customer account

If you decide to register in our online shop, you have the advantage that you can view your order history and manage your master data, and your specified data will be stored for future order transactions.

Once you have completed the registration process, your data is stored with us for use in the protected customer area. The online shop naturally offers you the possibility to make changes to your master data and to use the "My Account" function.

You can of course revoke your consent to the use of your account, your customer account in the shop will then be deactivated.

Please note: Your password will be stored in encrypted form. Employees of our company cannot read this password. Therefore, they cannot give you any information if you have forgotten your password. In this case, please use the "Forgotten password" function, which will send you an automatically generated new password by e-mail. No member of staff is authorised to ask you for your password by telephone or in writing. Therefore, please never give your password if you receive such requests.

b) Carrying out a guest order

If you decide to place a guest order in our online shop, no customer account will be created in our shop. If you place another order, you will have to enter your data again for order processing.

Furthermore, the data processing procedures described under the heading "Tracking measures and cookies" apply. Of course, you have the described contact options and data subject rights at your disposal.

Payment systems

In our online shop you can choose between different payment methods. For this purpose, the respective payment-relevant data is collected in order to be able to carry out your order and payment processing. In addition, your IP address is processed due to technical necessity and for legal protection.

PayPal

If you choose the payment method Paypal, you will be redirected to Paypal at the end of the order process. Payment processing takes place at PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg. The data processing thus serves the fulfilment of the contract according to Art. 6 Para. 1 lit. b GDPR. For further information on data protection law, please refer to PayPal's Privacy Policy.

Credit/Debit Cards Payments

If you choose to use the Credit/Debit Cards payment method, payment will be processed through the payment system of Wix HQ, 6350671, Nemal Tel Aviv St 40, Tel Aviv-Yafo, Israel ("Wix"). Wix Payments allows payment via all major credit card formats and, depending on the region, additional payment methods. The individual payment methods offered through Wix Payments will be disclosed to you on our website.

When payments are made via Wix Payments, your payment data (e.g., payment amount, information on the payment method used, details of the payee) as well as your confirmation that the payment data is correct will be collected and processed by Wix for the purpose of making the payment in accordance with Art. 6 (1) lit. b of the GDPR and transmitted to the credit institution commissioned with the payment. This processing only takes place insofar as it is actually necessary for the execution of the payment. Wix then authenticates the payment via the authentication procedure stored for you at your credit institution.

In the context of the aforementioned services, data may also be transmitted to Wix Inc., 500 Terry A. Francois Boulevard, San Francisco, California 94158, USA, by way of further processing on your behalf.

Data transfer to shipping service providers

In order to fulfil the contract in accordance with Art. 6 para. 1 p. 1 lit. b GDPR, we pass on your data to the shipping company commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods. Depending on which payment service provider you select in the ordering process, we pass on the payment data collected for this purpose to the credit institution commissioned with the payment and, if applicable, to payment service providers commissioned by us or to the selected payment service. In some cases, the selected payment service providers also collect this data themselves if you create an account with them. In this case, you must register with the payment service provider with your access data during the ordering process. In this respect, the privacy policy of the respective payment service provider applies.

If you have given us your express consent to do so during or after your order, we will pass on your e-mail address to the selected shipping service provider in accordance with Art. 6 Para. 1 Sentence 1 lit. a GDPR so that the shipping service provider can contact you before delivery for the purpose of delivery notification or coordination.

Direct marketing

From time to time, we may use the personal data we collect from you to identify particular products offers which we believe may be of interest to you. We may contact you to let you know about these products and services and how they may benefit you.

You may give us your consent in a number of ways including by selecting a box on a form where we seek your permission to send you marketing information, or sometimes your consent is implied from your interactions or relationship with us. Where your consent is implied, it is on the basis that you would have a reasonable expectation of receiving a marketing communication based on your interactions or relationship with us.

Direct Marketing from generally takes the form of e-mail but may also include other less traditional or emerging channels. These forms of contact will be managed by The Outer Muse, or by our contracted service providers. Every directly addressed marketing form sent or made by us or on our behalf should include a means by which customers may unsubscribe (or opt out) of receiving similar marketing in the future. You can ask us to remove or amend any previous consent you provided by contacting us.

Storage and retention

Your personal data will be stored by us only for as long as is necessary to achieve the purposes for which the data was collected or - if statutory retention periods exist that go beyond this point and for the duration of the legally prescribed retention period. We then delete your personal data. Only in a few exceptional cases is your data be stored beyond this period, e.g., if storage is necessary in connection with the enforcement of and defence against legal claims against us.

The Outer Muse is entitled to process your personal data insofar as this is necessary to fulfil legal obligations. For this purpose, The Outer Muse may transfer this data in particular to authorities, law enforcement agencies and courts. In this case, the transfer of your data is required for compliance with a legal obligation to which we are subject. The Outer Muse is further entitled to process personal data if and to the extent necessary to detect or prevent misuse of this website or to enforce claims of The Outer Muse, its employees or users, whereby the data processing in these cases is necessary to protect these aforementioned legitimate interests.

International transfers

Our main operations are based in the UK and your personal information is generally processed, stored and used within in the UK. In some instances, your personal information may be processed outside the UK. If and when this is the case, we take steps to ensure there is an appropriate level of security, so your personal information is protected in the same way as if it was being used within the UK. Where we need to transfer your data outside the UK, we will use approved standard contractual clauses in contracts for the transfer of personal data to third countries.

Data Breaches/Notification

Databases or data sets that include Personal Data may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, The Outer Muse will notify all affected individuals whose Personal Data may have been compromised, and the notice will be accompanied by a description of action being taken to reconcile any damage as a result of the data breach. Notices will be provided as expeditiously as possible after which the breach was discovered.

Confirmation of Confidentiality

All company employees must maintain the confidentiality of Personal Data as well as company proprietary data to which they may have access and understand that that such Personal Data is to be restricted to only those with a business need to know. Employees with ongoing access to such data will sign acknowledgement reminders annually attesting to their understanding of this company requirement.

Changes

This Policy and our commitment to protecting the privacy of your personal data can result in changes to this Policy. Please regularly review this Policy to keep up to date with any changes.

Queries and Complaints

Any comments or queries on this policy should be directed to us using info@theoutermuse.com. If you believe that we have not complied with this policy or acted otherwise than in accordance with data protection law, then you should notify us immediately.

PRIVACY POLICY

Stay in touch

About

Portfolio