Privacy Policy

Oh, hey there! If you’re concerned about your privacy, then you’ve come to the right place…

At The Cake Thief, we are committed to maintaining the trust and confidence of our favourite people: YOU; our number one customer. In particular, we want you to know that The Cake Thief is not in the business of selling, renting or trading your information with other companies for business or marketing purposes, other than those outlined below.

As a maker and small business owner I, Jessica Coombs, owner of The Cake Thief have a professional responsibility for the safeguarding of all personal information of all of my customers. This includes the privacy of information given to us for the purpose of all transactions made at any given time. This is in line with the EU regulations of GDPR (General Data Protection Regulation)

FYI –
The use of ‘We’, ‘Us’, and ‘Our’ throughout this document refers to ‘The Cake Thief’
Without further ado, let’s move onto the serious stuff…

Who we are

Our website address is: https://thecakethief.co.uk.

This Privacy Policy describes how and when I, Jessica Coombs, owner of The Cake Thief collect, use, and share information when you purchase an item from me, contact me, or otherwise use my services through Paypal, Facebook, Instagram or its related sites and services.

This Privacy Policy does not apply to the practices of third parties that I do not own or control, including Facebook, Instagram, Paypal or any third party services you access through these platforms. For more information on the privacy policies of the third parties I use, please visit the following links;

  • Facebook and Messenger Privacy Policy: https://www.facebook.com/policy.php
  • Instagram Privacy Policy: https://help.instagram.com/519522125107875?helpref=page_content
  • Paypal Privacy Policy: https://www.paypal.com/uk/webapps/mpp/ua/privacy-prev
  • Royal Mail Privacy Policy: https://www.royalmail.com/privacy-notice

Information I collect

To fulfil your order, you must provide me with certain information (which you have authorised either via this website or Paypal to provide to me or have provided via private messaging services such as Facebook Messenger or Instagram Direct, such as your name, email address, postal address, payment information, and the details of the product that you’re ordering. You may also choose to provide me with additional personal information (for a custom order of a card, for example), if you contact me directly through e-mail, or through Facebook or Instagram messaging.

Why I Need Your Information and How I Use It

I rely on a number of legal bases to collect, use, and share your information, including:

  • As needed to provide my services, such as when I use your information to fulfil your order, to settle disputes, or to provide customer support;
  • When you have provided your affirmative consent, which you may revoke at any time, such as by signing up for my mailing list or consent to use photographs of personalised items you have purchased.
  • If necessary to comply with a legal obligation or court order or in connection with a legal claim, such as retaining information about your purchases if required by tax law; and
  • As necessary for the purpose of my legitimate interests, if those legitimate interests are not overridden by your rights or interests, such as 1) providing and improving my services. I use your information to provide the services you requested and in my legitimate interest to improve my services.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with

Information about my customers is important to my business. I share your personal information for very limited reasons and in limited circumstances, as follows:

  • If you request a password reset, your IP address will be included in the reset email.
  • Service providers. I engage certain trusted third parties to perform functions and provide services to my shop, such as delivery or fulfilment companies. I will share your personal information with these third parties, but only to the extent necessary to perform these services.
  • Business transfers. If I sell or merge my business, I may disclose your information as part of that transaction, only to the extent permitted by law.
  • Compliance with laws. I may collect, use, retain, and share your information if I have a good faith belief that it is reasonably necessary to: (a) respond to legal process or to government requests; (b) enforce my agreements, terms and policies; (c) prevent, investigate, and address fraud and other illegal activity, security, or technical issues; or (d) protect the rights, property, and safety of my customers, or others.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

I retain your personal information only for as long as necessary to provide you with my services and as described in my Privacy Policy. However, I may also be required to retain this information to comply with my legal and regulatory obligations, to resolve disputes, and to enforce my agreements. I generally keep your data for the following time period: 4 years.

What rights you have over your data

If you reside in certain territories, including the EU, you have a number of rights in relation to your personal information. While some of these rights apply generally, certain rights apply only in certain limited cases. I describe these rights below:

  • Access: You may have the right to access and receive a copy of the personal information I hold about you by contacting me using the contact information below.
  • Change, restrict, delete: You may also have rights to change, restrict my use of, or delete your personal information. Absent exceptional circumstances (like where I am required to store data for legal reasons) I will generally delete your personal information upon request.
  • Object: You can object to (i) my processing of some of your information based on my legitimate interests and (ii) receiving marketing messages from me after providing your express consent to receive them. In such cases, I will delete your personal information unless I have compelling and legitimate grounds to continue using that information or if it is needed for legal reasons.
  • Complain: If you reside in the EU and wish to raise a concern about my use of your information (and without prejudice to any other rights you may have), you have the right to do so with your local data protection authority.

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

How to Contact Me

For purposes of EU data protection law, I, Jessica Coombs (owner of The Cake Thief), am the data controller of your personal information. If you have any questions or concerns, you may contact me at hello@thecakethief.co.uk.

Alternatively, you may mail me at:
Jessica Coombs, Three Tuns Bungalow, Somerset, UK, BA3 4RZ