Crochet Animal Keychain Pattern – Amigurumi Cat, Bunny, Duck, Frog, Puppy (PDF Pattern)

Digital downloads

File delivery

Your files will be available to download once payment is confirmed.

Payment Options

• Accepts Etsy gift cards

Returns & Exchanges

I don't accept returns, exchanges, or cancellations

But please contact me if you have any problems with your order.

Privacy policy

As a professional working in a creative field, it is important to effectively protect information about your customers and to comply with data protection laws. When placing an order or contacting you for a possible purchase, buyers provide you with a certain amount of personal information such as their name, postal address, email and telephone number. The General Data Protection Regulation (GDPR) and other local data protection laws define the framework within which such personal information is obtained and processed, and also ensure the confidentiality of Internet users. According to these laws, buyers may obtain certain information concerning the collection, use and sharing of their personal data (user identity, date, mode, reason and purpose).

If you are a seller in the European Union or offer products to European buyers, the GDPR concerns you, so you need to add privacy rules to your shop. Many other countries have also adopted data protection laws similar to the GDPR, so whether they sell in Europe or not, we recommend that all sellers create a privacy regulation. Data protection legislation is complex and varies from country to country. If you are not really sure if you are affected by the GDPR or other data protection laws, or if you need advice for your particular case, consult a lawyer who will be able to provide you with information.

This article presents you with the best practices to apply for sending marketing messages and drafting privacy rules for your Etsy store. You will also find an example of privacy rules that could be seen in a typical Etsy shop.
Marketing messages: good practices

Before you re-contact your buyers via the email address they have given you, for example to send them your newsletter or show them new products, you must take certain elements into account. According to the law of many countries, and in particular in Europe, you must obtain the prior “explicit consent” of your buyers if you wish to send them marketing or promotional messages. Explicit consent means that you can only send marketing messages to a buyer if he has specified to consent to this through a clearly affirmative action. This is the case, for example, when a buyer agrees in an Etsy conversation or in an email to receive marketing messages from you. Even if you get a buyer's email address via Etsy to help you process a transaction, you need to get explicit consent before sending them marketing messages. Remember that, after obtaining this explicit consent, you must still respect the request of any buyer who would like to stop receiving marketing messages from you. Consent may be revoked at any time.

Remember that sending unsolicited advertisements or promotions via Etsy conversations is prohibited by the rules of the site. It is even a criminal offence in some countries. Consult a lawyer before using a buyer's personal information other than to process the order he has placed you, provide the customer service or send him marketing messages if he has given you his explicit consent.
Create privacy rules for your shop

Your privacy rules should essentially explain to your buyers how and for what purpose you are going to use their personal information. For example, the Etsy Confidentiality Rules provide a detailed description of the information we collect and receive, and explain how and for what purpose it is used and communicated. You will soon see in your Etsy shop an additional field in terms of your conditions of use, in which you can fulfil confidentiality rules that will be visible to your buyers. As soon as this field is available, we will inform you accordingly.

Here's an example of privacy rules that you might find in a shop. You can use it to write your Etsy shop. We have added comments indicating which elements are more specifically in line with the requirements of the GDPR. Since the needs and practices of each Etsy shop are different, you will have to customize this model to reflect yours.

Vendor Etsy: Nathan Martin, Paris Nathan's Confidentiality Rules

Nathan Martin resides in France and sells jewellery on Etsy since 2014. Its buyers come mainly from France, Germany and Italy, but its items are offered for sale worldwide. Over the past six months, his business has become increasingly successful, and Nathan has therefore begun to use the services of a third-party carrier to help process its orders. It uses Google Cloud to store some of its buyers' personal information.

In the context of the GDPR, Nathan must communicate certain elements to its customers via its privacy rules, including:

the personal information it collects;
the legal basis on which it relies to collect, use and share such information;
the third parties with whom it shares them;
the period during which he shall keep them;
if he transfers personal information outside Europe (for example, if he moves his business to the United States but continues to sell to European buyers, or if he uses the services of a third party company outside Europe, or uses Google Cloud to store some of its buyers' information), how this transfer will be handled;
the rights of its purchasers with regard to its use of their personal information; and
how its buyers can contact it for any query regarding confidentiality.

Visit the European GDPR support website and read Articles 13 and 14 to find out more precisely what information you need to indicate in your privacy rules to comply with the GDPR.

To comply with the GDPR, the following is how Nathan could present its privacy rules to its customers:

These privacy rules describe how I collect, use and share information, as well as on what occasions, when you place an order with me or use my services via Etsy.com or the sites and services that are linked to it.

These rules do not apply to third-party practices that I do not own or control, including Etsy or any third party services that you can access via Etsy. You can consult the Etsy Privacy Regulation to find out more about the site's practices. Nathan would then have to detail the following topics:
1. The personal information it collects

He must explain what kind of information he collects from buyers, why he needs it, how he uses it to process his orders, what third parties he communicates them to and for how long he keeps them. Here is an example:

The information I collect

To process your order, you must provide me with certain information (which you have allowed Etsy to transmit to me), including your name, email, postal address, payment details, as well as the description of the product you are ordering. You can also decide to provide me with certain additional personal information (for a personalised jewellery order, for example), by contacting me directly.
2. The legal bases on which it relies to collect, use and share personal information

According to the GDPR, you need to explain the legal bases on which you rely to collect, use and share personal information. These include, for example, the explicit consent of a buyer to the receipt of marketing messages, compliance with legal obligations, as well as the use of personal information by the seller in the context of its legitimate interests (such as the improvement of its services). Nathan's confidentiality rules should explain as clearly as possible where and how he refers to these different legal bases. For example:

Why I need your information and how I use it

I use a number of legal bases to collect, use and share your information, including:

to provide my services to you, for example when I use your information to process your order, resolve a dispute or provide customer service;
when you have given me your explicit consent, you can revoke at any time, for example by subscribing to my newsletter;
if necessary, in order to fulfil a legal obligation, a legal judgment or in connection with a request from the court, such as keeping information about your purchases under tax legislation; and
if necessary, to serve my legitimate interests, in the event that these legitimate interests are not invalidated by your rights or interests, such as 1) providing and improving my services. I use your information to provide the services you have requested from me and in my legitimate interest to improve these services; and 2) compliance with the sellers' Rules and Etsy Terms of Use. I use your information, if necessary, to comply with my obligations under the Seller Rules and the Etsy Terms of Use.

3. 3. Third parties with whom it shares personal information

Under the GDPR, you must detail the personal information you provide to third parties. Nathan must therefore explain to his buyers why, when and with whom he may have to share their personal information. For example:

Sharing and dissemination of information

Information about my clients is important for my business. I only share your personal information for a very limited number of reasons, as well as in a limited number of circumstances such as:

Etsy. I share your information with Etsy when necessary to provide my services to you and to comply with my obligations under the Sellers' Rules and Etsy Terms of Use.
Service providers. I use certain third parties that I trust to carry out certain actions or provide certain services for my shop - transport companies for example. I may have to share your personal information with these third parties, but only those that are essential for the performance of these services.
Transfers of activity. If I sell my company or merge it with another, I may have to disclose your information in connection with this transaction but only to the extent permitted by law.
Compliance with legislation. I may have to collect, use, store and share your information if I believe in good faith that it is necessary and reasonable to: (a) respond to a legal process or a request from the state; (b) enforce my agreements, terms or regulations; (c) prevent, investigate or manage any fraud or other illegal activity, or any technical or security problem; or (d) protect the rights, property and safety of my customers or others.

4. The length of time it keeps the personal information

Under the GDPR, you must inform your customers of the period during which you retain personal information. Nathan must specify the period during which he must keep information for his business as well as in order to comply with any legal or fiscal obligation. It must ensure that it does not keep these data for longer than is necessary. For example:

Data retention

I shall keep your information only for as long as necessary to provide my services to you and for the purposes established in my privacy rules. I may also have to keep this information in order to comply with legislative and legal obligations, to resolve disputes and to enforce my commitments. I usually keep them for a period of: 4 years.
5. In the case of a transfer of personal information outside Europe, how does it take place

Dans le cadre du RGPD, vous devez informer vos clients du transfert éventuel d'informations personnelles en dehors de l'Union Européenne et leur indiquer sur quelles bases légales vous vous appuyez pour cela ; par exemple, leur consentement et une nécessité contractuelle. Nathan utilise Google Cloud, qui répond aux exigences du Bouclier de protection des données (« Privacy Shield »). Il doit donc expliquer à ses acheteurs que le Privacy Shield lui sert de cadre légal pour transférer leurs informations personnelles en dehors de l'Union Européenne. Par exemple :

Transfers of personal information outside the EU

I can potentially store and process your information via third-party hosts located in the United States or other countries. It may therefore happen to me to transfer your personal information to a jurisdiction where the data protection and government surveillance laws are different from that of your country. If I have to transfer your personal information outside the European Union, I rely on the Privacy Shield as the legal basis for this, with Google Cloud benefiting from the Privacy Shield certification.
6. The rights of its purchasers to use their personal information and contact details

To comply with the GDPR, Nathan must complete by explaining to its buyers what their rights regarding the information they provide to it on Etsy. It must also provide contact details to contact them and to make it clear to buyers that it is the data controller with regard to their personal information. For example:

Your rights

If you are a resident of certain territories, and in particular of the European Union, you have certain rights relating to your personal information. Some of these rights apply in general, while others apply only in limited cases. These rights are described below:

Access. You may have the right to access and receive a copy of personal information about you by contacting me. You will find my coordinates below.
Amend, restrict, delete. You may also have the right to change your personal information, restrict my use of it or delete it. Outside of exceptional circumstances (e.g. if I had to keep my shop-related data for legal reasons), I would usually delete your personal information on simple request.
Oppose. You can object 1) to process some of your information in my legitimate interests and 2) to receiving marketing messages from me after having explicitly consented to receive it. In these specific cases, I will delete your personal information unless there are legitimate grounds for continuing the use of it, or in cases where it is necessary for legal reasons.
Complain. If you live in the European Union and you wish to express concern about my use of your information (and without infringing any other rights you may have), you can do so with your local data protection authorities.

How to contact me

As part of the European data protection law, I, undersigned, Nathan Martin, am the data controller with regard to your personal information. If you have any questions or concerns, you can contact me at my email nmartin.com. You can also send me a letter to the following address:

Nathan Martin 32b rue du Faubourg, Paris 75008

If a customer contacts you to exercise their right to access, rectify or delete personal information held by Etsy, contact Etsy.com/help or tell your customer to address their request directly to Etsy.

Nathan's privacy rules have been drafted to guide you in terms of information to include in your rules. If you use them as a model, consider adapting them so that they are relevant to your shop. Replace details with your own, including your name, business name, email and newsletter settings (if you have one). The sections "Why I need your information and how I use it" and "Personal information transfers outside the EU" should be customised according to how you work. Adapt the tone of your Rules to ensure that it is consistent with your brand, and add or delete information based on your specific activity. For example, if you're working in your Etsy store, you can change the pronouns "I" and "me" with "us" to represent you more accurately.

Applying these best practices to sending marketing messages and drafting privacy rules for your shop will help you meet your obligations under the GDPR. You will also show your buyers that you value their privacy and that you take their interests to heart.

To keep abreast of important new features for your Etsy store and the latest features, and receive personalised advice that could help you grow your business, think about subscribing to our emails for sellers.

The information contained in this article is not formal and is provided for information purposes only. They may in no way replace an authorised legal opinion. They are not intended to establish a lawyer-client relationship, and the consultation of them does not constitute such a relationship. The Editor and Etsy, Inc. shall not be liable for any damage, loss or action arising out of or associated with the use of such information. For any specific legal question or problem, you must consult a professional lawyer.