PRIVACY AT MELBOURNE SOAP COMPANY
Melbourne Soap Company is committed to respecting and protecting our customer’s privacy. We only use the information that we collect about you lawfully in accordance with the GDPR and Data Protection Act 2018.
We may change this Policy from time to time, so please check this page occasionally to ensure that you’re happy with any changes. By using our website or shopping in our stores, you’re agreeing to be bound by our current policy.
Any questions regarding this Policy and our privacy practices should be sent by email to firstname.lastname@example.org. Alternatively, you can telephone 0788 2885256.
Who we are
We are Melbourne Soap Company, founded by and owned by Suzanne Penn.
Information Commissioner Registration
Melbourne Soap Company is registered with the Information Commissioner as a processor of data even though we only process data for marketing purposes (our email newsletter). Our registration reference Melbourne Soap Company is:
How and when do we collect information from you?
We obtain information about you when you make a purchase from our website, etsy store, or if you opt in to be added to our newsletter list.
When you place an order with us, customers have the choice to opt into our Customer Mailing List via online purchasing, our website, social media links or via a form on craft stall events. Everyone who has done this can opt out by unsubscribing at any time, either online or in writing.
When you conduct a transaction on our website, as part of the process, we collect personal information you give us such as your name, address and email address. Your personal information will be used for the specific reasons stated above only.
What type of information is collected from you?
The personal information we collect include your name, address, email address if you opt in to the newsletter option. If you make a purchase from us, your card information is not held by us, it is collected by our third party payment processors, who specialise in the secure online capture and processing of credit/debit card transactions, as explained below.
We receive, collect and store any information you enter on our website or provide us in any other way. In addition, we collect the Internet protocol (IP) address used to connect your computer to the Internet; login; e-mail address; password; computer and connection information and purchase history. We may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page. We also collect personally identifiable information (including name, email, password, communications); payment details (including credit card information), comments, feedback, product reviews, recommendations, and personal profile.
How is your information used?
We may use your information to:
– process orders or refunds that you have submitted
– deal with entries into a competition
– seek your views or comments on the services we provide
– notify you of changes to our services
– send you communications which may be of interest to you. These may include information about new products or updates on our current product range
We have to have a legal basis for holding and using your information. Where we need your information to provide you with goods or services that you have enquired about or have bought from us, the legal basis is a contractual necessity. Where we use your information to keep you informed about our Company and our products, we believe that this is in our legitimate interests. We are careful to ensure that neither the frequency nor the content of the information we send to you will harm your data security or your privacy rights and you will always have a clear and easy to follow option to unsubscribe from further messages.
We only obtain, use and retain personal information that is relevant to the purpose that we require it. We will delete your information when you ask us to or when we no longer have a need to retain it. We review our retention periods for personal information on a regular basis. We are legally required to hold some types of information to fulfil our statutory obligations. We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us.
We collect such Non-personal and Personal Information for the following purposes:
To provide and operate the Services;
To provide our Users with ongoing customer assistance and technical support;
To be able to contact our Visitors and Users with general or personalized service-related notices and promotional messages;
To create aggregated statistical data and other aggregated and/or inferred Non-personal Information, which we or our business partners may use to provide and improve our respective services;
To comply with any applicable laws and regulations.
Melbourne Soap Company holds a newsletter mailing list. We will not pass these details onto anyone else, except in the event of a merger, acquisition or sale of the company. In these circumstances, your data will continue to only be used in the same way as it is currently, and for the purpose that it was originally collected.
Who has access to your information?
We will not sell or rent your information to third parties, or share your information with third parties for marketing purposes. However, we do have Third Party Service Providers working on our behalf:
When you are using our secure online payment pages, or card payment reader at craft events your transaction is processed by a third party payment processor (Stripe, Paypal or Amazon), who specialise in the secure online capture and processing of credit/debit card transactions. When you are using our secure payment device at shows or events, your transaction is processed by a third party payment processor (SumUp), who specialise in the secure in-store processing of credit/debit card transactions. If you have any questions regarding secure transactions, please contact us.
Our company is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
You have a choice about whether or not you wish to receive information from us. If you do not want to receive direct marketing communications from us about our products and services, or be part of our loyalty programmes, then we will not sign you up to our in-store mailing list. Online, there is a box you can tick when placing an order, to choose to stay in touch with us.
How you can access and update your information
The accuracy of your information is important to us. We’re working on ways to make it easier for you to review and correct the information that we hold about you. In the meantime, if you change email address, or any of the other information we hold is inaccurate or out of date, please email us at or telephone 0788 2885256. You have the right to ask for a copy of the information. You can find more information about your GDPR rights and when they apply in the Information Commissioner’s Guidance on their website.
Security precautions in place to protect the loss, misuse or alteration of your information.
Because your on-line security is our highest priority, Melbourne Soap Company uses Stripe and Paypal as our payment gateway to process on-line payments, and SumUp to provide our merchant services. These are the most secure, innovative and state of the art Internet solutions provider for its clients, with its e-commerce payment and security services among the most advanced in the industry. Security includes: credit/debit card details secured within 128-bit encrypted sessions and sensitive information stored on a heavily encrypted database that is protected by multiple government approved firewalls. Melbourne Soap Company does not hold sensitive information on our site. Should anyone gain unauthorised access to our database, no credit card details or other sensitive information are held on our site. For more information, please visit:
Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Use of ‘cookies’
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information about how the website is used. We use the following cookies on our website:
– A number of Google analytics cookies are used to collect information about how visitors use our site. We use the information to compile reports which help us to improve our website
– A temporary session ID cookie is used to make the most efficient use of resources when you are browsing from page to page. The cookie is removed when you leave our website
– A visitor cookie is used to monitor how long a visitor is on our site before they take an action (for example fill in one of our forms to contact us) and also to provide statistics on whether this is a visitor’s first visit to our site.
There is more information to help you on this link:
To opt out of being tracked by Google Analytics across all websites visit
Links to other websites
In addition, if you linked to our website from a third party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.
16 or Under
We are concerned to protect the privacy of children aged 16 or under. If you are aged 16 or under‚ please get your parent/guardian’s permission beforehand whenever you provide us with personal information.
Transferring your information outside of Europe
As part of the services offered to you through this website, the information which you provide to us may be transferred to countries outside the European Union (“EU”). By way of example, this may happen if any of our servers are from time to time located in a country outside of the EU. These countries may not have similar data protection laws to the UK. By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.
If you use our services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those services.
We keep this Policy under regular review. This Policy was last updated in September 2019.