Policy key definitions:
- “I”, “our”, “us”, or “we” refer to the business, [Business name & other trading names].
- “you”, “the user” refer to the person(s) using this website.
- GDPR means General Data Protection Act.
- PECR means Privacy & Electronic Communications Regulation.
- ICO means Information Commissioner’s Office.
- Cookies mean small files stored on a users computer or device.
When you use our site, there are a number of ways in which you provide information, and other data to us. By using this site or via social media interaction, you consent to us processing and collecting this data, on the terms and for the reasons which are explained below. The types of personal data you provide to us may include:
- Contact information (such as name, postal address, email address and mobile or other phone number)
- Age or Date of Birth
- Username and password, nickname/screen name
- Payment information (such as your payment card number, expiration date, and card security code)
- Shipping and billing information (such as delivery address, and billing address)
- Purchase history
We may use your information to:
- Send you email newsletters
- Make payments for the purchase of goods & services.
- Ensure that content from our site is presented in the most effective manner for you and your computer.
- Provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes.
- Carry out our obligations arising from any contracts entered into between you and us.
- Allow you to participate in interactive features of our service, when you choose to do so.
- Notify you about changes to our service.
If you do not want us to use your information for marketing purposes, please inform us by writing to firstname.lastname@example.org
Legal Basis for our use of Information:
We will use the information you provide for the above purposes if:
- it is necessary to perform a contract to which you are party (e.g., to process your payment and deliver the products you have ordered); or
- we have obtained your consent; or if
- we have a legitimate interest in doing so (including a legitimate interest in performing marketing activities, research activities, data analytics, internal administration functions, processing and enforcing legal claims and conducting our business in compliance with all applicable laws, relevant industry standards and our policies).
All information you provide to us is stored in our secure servers. Any payment transactions will be encrypted using SSL technology.
We do not store credit card details nor do we share customer details with any third parties.
We take your privacy very seriously, and will take all reasonable steps to protect your personal data, but please be aware that any data which you send to our site is sent at your own risk.
Data Security & Protection:
We ensure the security of any personal information we hold by using secure data storage technologies and precise procedures in how we store, access and manage that information. Our methods meet the GDPR compliance requirement.
Email Marketing Messages & Subscription:
Under the GDPR we use the consent lawful basis for anyone subscribing to our newsletter or marketing mailing list. We only collect certain data about you, as detailed in the “Processing of your personal date” above. Any email marketing messages we send are done so through an EMS, email marketing service provider. An EMS is a third party service provider of software / applications that allows marketers to send out email marketing campaigns to a list of users.
Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, I.P addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations will show the activity each subscriber made for that email campaign.
Any email marketing messages we send are in accordance with the GDPR and the PECR. We provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences / the information we hold about you at any time. See any marketing messages for instructions on how to unsubscribe or manage your preferences otherwise contact the EMS provider.
Our EMS provider is; Active Campaign. We hold the following information about you within our EMS system;
- First Name
- Email address
- I.P address
- Subscription time & date
Disclosure of your Information:
We may disclose your personal information to any of our group companies (which means our subsidiaries), our ultimate holding company and its subsidiaries, as defined in section 736 of the UK Companies Act 1985) and also to third parties in the following circumstances:
- To any prospective seller or buyer of all (or part of) our business or assets;
- If we are required to do so by law, any applicable regulation or to protect the rights, property, or safety of ourselves or others. This may include disclosing to other companies and organisations in connection with fraud protection and credit risk reduction.
We may also use third-party platforms, including platforms operated by social networks, such as Google, Instagram, Youtube, Facebook and Pinterest, to show you interest-based ads. To opt-out of these ads, you must change your preferences by clicking on the cookie control tool above and unselect the “targeting” setting. These platforms may have their own privacy notices or policies, which we strongly suggest you review.
We do this by placing a small text file on your device / computer hard drive to track how you use the website, to record or log whether you have seen particular messages that we display, to keep you logged into the website where applicable, to display relevant adverts or content, referred you to a third party website.
Some cookies are required to enjoy and use the full functionality of this website.
Your rights in relation to personal data:
You have the right under the Data Protection Act to access the information which we hold about you. If you wish to exercise this right, please send your request to email@example.com. We will always correct or delete any data once made aware of the request as such. If you would like to remove your data from our records please contact firstname.lastname@example.org.