The privacy of your data — and it is your data, not ours! — is a big deal to us.
Identity & Access
When you contact Prettiest Parties or make a booking enquiry, we ask for your name, email address, phone number, party address, the name of your child, the age of your child and other less personal information. This is so that we can ensure we can provide you with the most accurate information regarding your booking, contact you to provide you with important information and ask questions. We'll never sell your personal info to third parties, and we won't use your name in marketing statements without your permission, either.
When you pay for your party, you have the option of paying by bank transfer or a credit/debit card. To process credit and debit cards we ask for your credit or debit card and billing address. Your credit or debit card information is passed directly to our payment processor and doesn't ever go through our servers. We store a record of the payment transaction, including the last 4 digits of the credit or debit card number, for acconut history, invoicing and billing support.
When you communicate with Prettiest Parties, we'll keep that correspondence, and the contact information, for future reference. When you browse our marketing pages, we'll track that for anonymously for stastical purposes. We also store any information you volunteer, like surveys, for as long as it makes sense.
The only times we'll ever share your info:
- To provide products or services you've requested, with your permision.
- To investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service, or as otherwise required by law.
Your Rights With Respect to Your information
You may have heard about the General Data Protection Regulation (“GDPR”) in Europe. GDPR gives people under its protection certain rights with respect to their personal information collected by us on the Site. Accordingly, Prettiest Parties recognizes and will comply with GDPR and those rights, except as limited by applicable law. The rights under GDPR include:
- Right of Access. This includes your right to access the personal information we gather about you, and your right to obtain information about the sharing, storage, security and processing of that information.
- Right to Correction. This is your right to request correction of your personal information.
- Right to Erasure. This is your right to request, subject to certain limitations under applicable law, that your personal information be erased from our possession (also known as the “Right to be forgotten”). However, if applicable law requires us to comply with your request to delete your information, fulfillment of your request may prevent you from using Basecamp services and may result in closing your account.
- Right to Complain. You have the right to make a complaint regarding our handling of your personal information with the appropriate supervisory authority.
- Right to Restrict Processing. This is your right to request restriction of how and why your personal information is used or processed.
- Right to Object. This is your right, in certain situations, to object to how or why your personal information is processed.
- Right to Portability. This is your right to receive the personal information we have about you and the right to transmit it to another party.
- Right to not be subject to Automated Decision-Making. This is your right to object and prevent any decision that could have a legal, or similarly significant, effect on you from being made solely based on automated processes. This right is limited, however, if the decision is necessary for performance of any contract between you and us, is allowed by applicable European law, or is based on your explicit consent.
If you have questions about exercising these rights or need assistance, please contact us at firstname.lastname@example.org.
Processors we use
Prettiest Parties uses third party data processors, such as cloud computing providers and customer support software, to provide our services. We enter into GDPR-compliant data processing agreements with each data processor, extending GDPR safeguards everywhere personal data is processed.
- Google Analytics - Web analytics service
- Hotjar - Web analytics service
- Mailchimp - Email newsletter service
- Digital Ocean - Cloud services provider
- Zoho - Email and cloud software provider
- Capsule - Customer relationship management service
Security and Encryption
All data is encrypted via SSL/TLS when transmitted from our servers to your browser. The tools and software we use for storing customer information also encrypt all transmitted data via SSL/TLS, and encrypt the information at rest. For more information please see the specific privacy and security policies of each data processor.
Upon receiving final payment and confirming that all services have been provided correctly, we will delete any personal data that we hold. Contact information may be held for marketing purposes if you opted in during the booking enquiry.
Location of site and data
This Site is operated in the United Kingdom. If you are located outside of the United Kingdom, please be aware that any information you provide to us will be transferred to the United Kingdom. By using our Site, participating in any of our services and/or providing us with your information, you consent to this transfer.
Changes and questions
Prettiest Parties may update this policy once in a blue moon — if you are affected, we’ll notify you about significant changes by email, or by placing a prominent notice on our site. You can access, change or delete your personal information at any time by contacting us at email@example.com.