Privacy Policy for Da Vinci's Library

This Privacy Policy describes how Da Vinci's Library ("we," "our," or "us") collects, uses, and discloses your personal information when you visit our website, use our services, or interact with us. Your privacy is of paramount importance to us, and we are committed to protecting your data in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR).

1. Information We Collect

We collect various types of information in connection with the services we provide, which include selling books, hosting events, running workshops, offering café services, bespoke recommendations, and online ordering with local delivery.

• Personal Information You Provide Directly to Us:

  • Contact Details: Your name, email address, postal address, and telephone number when you make a purchase, register for an event, sign up for a book club, or contact us.
  • Payment Information: Details necessary to process your online orders, such as billing address and payment card details. Please note that we do not store full payment card details on our servers; they are processed securely by third-party payment processors.
  • Order Information: Details related to your purchases, including items bought, order history, and delivery preferences.
  • Communication Preferences: Your preferences for receiving marketing communications from us.
  • Interactions: Any information you provide when participating in author events, book clubs, workshops, or when requesting bespoke book recommendations.

• Information Collected Automatically:

  • Usage Data: Information about how you interact with our online platform, such as the pages you view, the links you click, and the time spent on our site.
  • Technical Data: Your IP address, browser type, operating system, device information, and other identifiers that your device sends when you access our online platform.
  • Cookies and Similar Technologies: We use cookies and similar tracking technologies to track activity on our service and hold certain information. For more details, please refer to our Cookie Policy below.

2. How We Use Your Information

We use the information we collect for various purposes, primarily to provide and improve our services, communicate with you, and ensure a personalised experience.

• To Fulfill Orders and Provide Services: To process your book purchases, manage online orders, arrange local delivery, and administer your participation in events, book clubs, and workshops.
• Customer Support: To provide you with customer support, respond to your inquiries, and resolve issues.
• Personalisation: To offer you bespoke book recommendations, suggest relevant events, and tailor your experience on our online platform.
• Marketing Communications: To send you newsletters, promotional offers, and information about new books, events, or services that may be of interest to you, based on your communication preferences. You can opt-out of marketing communications at any time.
• Service Improvement: To understand how our online platform is used, improve its functionality, and develop new features and services.
• Legal Compliance: To comply with legal obligations, resolve disputes, and enforce our agreements.
• Security: To maintain the security and integrity of our online platform and data.

3. Legal Basis for Processing (GDPR)

We only process your personal information when we have a valid legal basis to do so. These legal bases include:

• Performance of a Contract: When processing is necessary for the performance of a contract to which you are a party (e.g., fulfilling your book order).
• Legitimate Interests: When processing is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests (e.g., improving our services, preventing fraud, direct marketing where permitted).
• Consent: When you have given your explicit consent for us to process your personal data for a specific purpose (e.g., subscribing to our newsletter). You have the right to withdraw your consent at any time.
• Legal Obligation: When processing is necessary for compliance with a legal obligation to which we are subject (e.g., tax and accounting requirements).

4. Sharing Your Information

We do not sell your personal information. We may share your information with trusted third parties only in the following circumstances:

• Service Providers: We engage third-party service providers to perform functions on our behalf, such as payment processing, website hosting, email delivery, and local delivery services. These providers have access to the personal information needed to perform their functions but are prohibited from using it for other purposes.
• Legal Compliance: If required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).
• Business Transfers: In connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company.
• With Your Consent: We may share your information with other third parties when we have your explicit consent to do so.

5. International Data Transfers

We primarily store and process your data within the UK and European Economic Area (EEA). If we transfer your personal data outside the UK/EEA, we will ensure appropriate safeguards are in place to protect your data as required by GDPR, such as using standard contractual clauses or relying on adequacy decisions.

6. Data Security

We implement appropriate technical and organisational measures to protect your personal information from unauthorised access, disclosure, alteration, or destruction. However, no method of transmission over the internet or method of electronic storage is 100% secure, and we cannot guarantee absolute security.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

8. Your Data Protection Rights (GDPR)

Under GDPR, you have the following rights regarding your personal data:

• The Right to Access: You have the right to request copies of your personal data.
• The Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
• The Right to Erasure (Right to be Forgotten): You have the right to request that we erase your personal data, under certain conditions.
• The Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
• The Right to Object to Processing: You have the right to object to our processing of your personal data, under certain conditions.
• The Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organisation, or directly to you, under certain conditions.
• The Right to Withdraw Consent: Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us using the details provided below.

9. Cookies Policy

Our online platform uses cookies and similar tracking technologies to enhance your browsing experience, analyse site traffic, and for marketing purposes. Cookies are small data files placed on your device. You have the option to accept or refuse these cookies and know when a cookie is being sent to your device. If you choose to refuse our cookies, you may not be able to use some portions of our service.

• Strictly Necessary Cookies: Essential for the operation of our online platform (e.g., enabling secure login or shopping cart functionality).
• Analytical/Performance Cookies: Allow us to recognise and count the number of visitors and see how visitors move around our online platform. This helps us improve the way our service works.
• Functionality Cookies: Used to recognise you when you return to our online platform, enabling us to personalise content for you (e.g., remembering your preferences).
• Targeting Cookies: Record your visit to our online platform, the pages you have visited and the links you have followed. We will use this information to make our online platform and the advertising displayed on it more relevant to your interests.

You can manage your cookie preferences through your browser settings.

10. Links to Other Websites

Our online platform may contain links to other websites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

11. Children's Privacy

Our services are not directed to anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under 13. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us. If we become aware that we have collected personal data from children without verification of parental consent, we take steps to remove that information from our servers.

12. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "last updated" date. We encourage you to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

13. Contact Us

If you have any questions about this Privacy Policy, our data practices, or if you wish to exercise any of your data protection rights, please contact us:

Da Vinci's Library

7 The Maltings,

Bridge Street,

Bath, Somerset,

BA1 5EE, UK

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues.