We at Weave The World are committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personalinformation in accordance with the General Data Protection Regulation (GDPR).  

1. Who We Are (Data Controller)

Weave The World, kp@nonsilo.services

We are the data controller responsible for the processing of your personal data under this Privacy Policy.

2. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity Data: This includes your name, username or similar identifier, title, date of birth, and gender.

  • Contact Data: This includes your billing address, delivery address, email address, and telephone numbers.  

  • Technical Data: This includes your internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website or services.  

  • Usage Data: This includes information about how you use our website, products, and services.

  • Marketing and Communications Data: This includes your preferences in receiving marketing from us and our third parties and your communication preferences.  

  • Transaction Data: This includes details about payments to and from you and other details of products and services you have purchased from us.  

  • Profile Data: This includes your username and password, purchases or orders made by you, your interests, preferences, feedback, and survey responses.  

We may also collect other types of personal data that are relevant to the specific services we provide to you.

3. How We Collect Your Personal Data

We collect your personal data through various means, including:

  • Direct Interactions: You may provide us with your personal data when you fill in forms on our website, place an order, subscribe to our newsletter, contact us via email or phone, or provide feedback.

  • Automated Technologies or Interactions: As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions, and patterns. We collect this data by using cookies, server logs, and other similar technologies. Please see our [Link to your Cookie Policy] for more details.  

  • Third Parties or Publicly Available Sources: We may receive personal data about you from various third parties and public sources such as analytics providers, advertising networks, and search information providers.  

4. How We Use Your Personal Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:  

  • Where we need to perform a contract we are about to enter into or have entered into with you.

  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.  

  • Where we need to comply with a legal or regulatory obligation.  

  • Where you have given consent to the processing for specific purposes.

We may use your personal data for purposes such as:

  • To provide and manage our services.

  • To process and fulfill your orders. * To communicate with you, including responding to your inquiries and providing customer support.  

  • To personalize your experience on our website.  

  • To send you marketing communications where you have opted in to receive them.

  • To improve our website, products, and services.

  • To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting, and hosting of data).  

  • To use data analytics to improve our website, products/services, marketing, customer relationships and experiences. 

  • To comply with legal and regulatory obligations.

5. Lawful Basis for Processing

We will only process your personal data when we have a lawful basis for doing so. This may include:

  • Consent: You have given us clear consent to process your personal data for a specific purpose. You have the right to withdraw your consent at any time.

  • Contract: The processing is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.  

  • Legitimate Interests: The processing is necessary for our legitimate interests or the legitimate interests of a third party, provided those interests do not override your rights and freedoms. These legitimate interests include improving our services, marketing our products, preventing fraud.  

  • Legal Obligation: The processing is necessary for us to comply with a legal or regulatory obligation.

6. Disclosure of Your Personal Data

We may share your personal data with the following categories of recipients for the purposes described above:  

  • Service Providers: Third-party service providers who provide services such as website hosting, data analysis, payment processing, email delivery, marketing, and customer support. These providers are contractually obligated to protect your data.  

  • Business Partners: Where necessary to provide our services or with your consent.

  • Professional Advisors: Lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance, and accounting services.  

  • Regulatory Authorities: Where we are required to do so by law or to comply with a legal obligation.

  • Third Parties in Case of Business Transactions: In the event of a merger, acquisition, or sale of all or a portion of our assets, your personal data may be transferred to the acquiring organization.  

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.  

7. International Transfers

Your personal data may be transferred to and processed in countries outside of the European Economic Area (EEA) thatmay not have data protection laws equivalent to those in the EEA. Where we transfer your personal data outside the EEA, we will ensure that appropriate safeguards are in place to protect your personal data, such as:  

  • Transferring to countries that have been deemed to provide an adequate level of protection by the European Commission.  

  • Using Standard Contractual Clauses approved by the European Commission.

8. Data Security

We have implemented appropriate technical and organizational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures include encryption, firewalls, access controls.  

9. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.  

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, and the applicable legal requirements.  

10. Your Rights under the GDPR

Under the GDPR, you have the following rights regarding your personal data:  

  • The right to access: You have the right to request a copy of the personal data we hold about you.

  • The right to rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.  

  • The right to erasure (right to be forgotten): You have the right to request that we delete your personal data under certain circumstances.  

  • The right to restriction of processing: You have the right to request that we restrict the processing of your personal data under certain circumstances.  

  • The right to data portability: You have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format and to transmit that data to another controller.  

  • The right to object: You have the right to object to the processing of your personal data in certain circumstances, including for direct marketing purposes.  

  • Rights in relation to automated decision-making and profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, unless there is a legal basis for such processing.  

  • The right to withdraw consent: If we are processing your personal data based on your consent, you have the right to withdraw your consent at any time.  

11. How to Exercise Your Rights

If you wish to exercise any of the rights set out above, please contact us using the contact details provided in section 1. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.  

12. Changes to Our Privacy Policy

We may update this Privacy Policy from time to time. Any changes we make to our Privacy Policy in the future will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our Privacy Policy.  

13. Contact Us

If you have any questions or concerns about this Privacy Policy or our data processing practices, please contact us at:  

kp@nonsilo.services

Important Considerations:

  • Cookie Policy: Make sure to have a separate and detailed Cookie Policy if you use cookies or similar tracking technologies. Link to it within this Privacy Policy.

  • Specific Processing Activities: Tailor the sections on "Personal Data We Collect" and "How We Use Your Personal Data" to accurately reflect the specific data you collect and how you use it.

  • Legitimate Interests: Clearly define your legitimate interests for processing data where this is your legal basis.

  • Third-Party Services: List the specific categories of third-party service providers you use and the purposes for which they process data.

  • International Transfers: If you transfer data internationally, be specific about the countries and the safeguards you have in place.

  • Data Security Measures: Provide a general overview of your security measures.

  • Data Retention Periods: While you don't need to list exact retention periods for every type of data, provide general guidelines and the criteria you use to determine retention.

  • Contact Information: Ensure your contact information is accurate and up-to-date.