Privacy Policy

Art in the Heart understands the value of your privacy, and will therefore only use the information you give us to process your order and provide a quick and convenient service to you in the future (in accordance with the Data Protection Act 1998). We do not sell mailing lists to other companies, or divulge any of your personal details to other companies or individuals.

When you (a customer and/or seller) register to the Art in the Heart Marketplace we ask for information such as your name, e-mail address, postal address, and contact details. Art in the Heart then keeps a record of this information. All payments are carried out using the secure PayPal gateway, so we do not use or store any credit or debit card information on our server. For more information on PayPal and to sign up for an account please visit the website: www.paypal.co.uk.

Art in the Heart use selected third parties including Google Analytics and Hotjar to collect valuable anonymous information about how you use our website. We use this information solely for the purposes of improving the user experience on the website. This information is not sold to third parties.

If you would like to revise the information you have provided to us because you feel that what we currently have on record is incorrect, and/or you would like your information erased from our records, you can so do by contacting us.

GDPR 2018

Our Online Shop: The Art in the Heart Marketplace

The General Data Protection Regulations mean that we are legally bound to explain how we look after your data. The website uses an SSL certificate using SHA-256 with RSA Encryption to encrypt data between the website server and the user. We use the latest WordPress software and plugins, and these are maintained on a regular basis by our developers to ensure that your data is as secure as possible. We use Amazon Web Services to host the website and store data, in a UK-based data centre. Customer and order data is shared with our sellers to fulfil orders, but we do not share this data with 3rd-parties beyond the data processors required (such as PayPal, the hosting company, transactional email services etc). We take appropriate security measures to prevent unauthorised access, disclosure, modification, or unauthorised destruction of personal data. We use Paypal to process card payments – this is conducted off-site and subject to Paypal’s security and privacy policies and as such the website does not store any payment card details.