Privacy Policy

Owner Privacy Policy: 

PRIVACY POLICY

This Privacy Policy outlines the types of personal information we gather when you use our services, as well as some of the steps we take to safeguard it.

ENTITY NAME is committed to protecting your privacy. We will only use the information that we collect about you lawfully (in accordance with the Data Protection Act 1998). We collect information about you to process your order and to provide you with the best possible service in the future. We do not send unsolicited mail and give you the opportunity to refuse marketing email from us. 

Information we need:

For us to process your order, we need to know your name, email address, delivery address and credit/debit card details. We will never collect sensitive information about you without your explicit consent. If we intend to transfer your information outside the EEA (European Economic Area) we will always obtain your consent first. The information we hold will be accurate and up to date. You can check the information that we hold about you by emailing us at privacy@youremailaddress.com

Information sharing

  • We do not rent or sell your personally identifying information to other companies or individuals. We may share such information only under the following conditions: 
    • We have your consent. 
    • We provide such information to trusted partner businesses or persons for the sole purpose of processing personally identifying information on our behalf. When this is done, it is subject to agreements that oblige those parties to process such information only on our instructions and in compliance with this Privacy Policy and appropriate confidentiality and security measures. 
    • We conclude that we are required by law or have a good faith belief that access, preservation or disclosure of such information is reasonably necessary to protect the rights, property or safety of ENTITY NAME, its users or the public.
  • We may store and process personal information collected on our site in the United Kingdom or any other country in which ENTITY NAME or its agents maintain facilities.

Updating your information

  • We provide mechanisms for updating and correcting your personal information. You may edit your personal information online and contact the company if you have queries about the accuracy of any other information that we hold. 
  • If we find inaccuracies in the information that we hold we will delete or correct it promptly. 

    The only information that we hold is what you tell us about yourself, your orders and your earnings calculations from us. We do not collect private information other than the minimum required for us to acurately manage your account with ENTITY NAME.

Security of personal information

  • We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. We restrict access to your personally identifying information to employees who need to know that information in order to operate, develop or improve our services. 
  • When you enter credit card information in relation to a purchase made on the ENTITY NAME website you will be directed to one of our secure payment gateway providers approved by our bank. In this case, it will be YOUR MERCHANT PROVIDER. The secure servers ensure that all details are encrypted at your browser before they are sent to our Payment Gateway Provider through the Internet. 

    We do not hold credit card information that you submit through the website as this information is sent directly to our bank approved Payment Gateway Provider. 

  • We may use technology to track the patterns of behaviour of visitors to our site.

Cookies

  • If you feel uncomfortable with cookies, then you can always disable them after you have logged in (or registered). Alternatively there is an option to be prompted every time a website wants to set you a cookie. This allows you to accept or reject each cookie in turn.

 

Data Protection

The Data Protection Act 1998 requires us, to be open about our holding and use of personal data. It also entitles individuals to find out from us what personal data is held about them on computer, to have that information corrected or erased if it is inaccurate, and to claim compensation if they can prove they have suffered damage from an inaccuracy or breach of security. ENTITY NAME is committed to upholding the eight Data Protection Principles of good information handling practice.

The Data Protection Principles

We fully comply with the Data Protection Principles in relation to the personal data we hold. Broadly they state that personal data shall:

  1. Be obtained and processed fairly and lawfully.
  2. Be processed only for limited purposes which are described in the register entry.
  3. Be adequate, relevant and not excessive in relation to the purpose for which they are held.
  4. Be accurate and, where necessary, kept up to date.
  5. Be held no longer than is necessary for the purpose for which they are held.
  6. Be processed in accordance with the data subjects' rights.
  7. Be surrounded by proper security.
  8. Not be transferred to countries outside the EEA without adequate protection. 

For further details about the Data Protection Act, please contact The Information Commissioner:

The Information Commissioners Office 
 

Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
England

Information Line:

+44 (1625) 545745

Switchboard:

+44 (1625) 545700

Website:

www.dataprotection.gov.uk

Changes to this Policy

Please note this Privacy Policy will change from time to time. We expect most such changes to be minor, but there may be changes that are more significant. We will at all times comply with the data protection legislations in the United Kingdom.

Any disputes arising from this Privacy Policy shall be settled under English Law.

If you have any additional questions, please feel free to contact us.

 

GDPR COMPLIANCE

In line with current advice we have layered our privacy notice into readable and understandable chapters to enable you to quickly go to the topic of most importance to you. We have also set out our privacy policy as one whole document for those who wish to read everything. Click on the relevant link below.

  1. Whole policy
  2. Identity and contact details of the Controller of your Personal Data
  3. The purposes and legal basis for processing your Personal Data
  4. Legitimate Interests
  5. Recipients (people to whom we will pass your Personal Data) of your Personal Data
  6. Transfers of your Personal Data to a foreign country
  7. How long we will keep your Personal Data
  8. Your GDPR Rights
  9. Your right to object to the processing of your Personal Data
  10. Your right to lodge a complaint with the Information Commissioner
  11. Whether it is necessary for you to provide your Personal Data
  12. Do we use automated decision making

1. WHOLE POLICY

Please see the following pages.

2. Identity and contact details of the Controller of your Personal Data

The Controller of your Personal data is:

CONTROLLER NAME

Address: CONTROLLER ADDRESS

 Email: CONTROLLER EMAIL

3. The purposes and legal basis for processing your Personal Data

We will process (use) your Personal Data for the following purposes:

  • Providing you with any brochure you have asked us to provide
  • Sending emails to you marketing our goods and services. Each email will include a link to enable you to stop the sending of such emails
  • Providing, at your request, you with a quotation (or estimate) and/or information concerning the goods and/or services you are interested in ordering from us
  • Supplying the goods and/or services ordered by you
  • Contacting you concerning your order
  • For payment of our charges
  • For accountancy purposes including but not limited to disclosing those of your Personal Data as appears on our invoice to our accountants and/or auditors if requested by them to enable our annual accounts to be prepared
  • The use by us of analytical software concerning our web site
  • The support and maintenance of our web site and other software used by us or those who will process your Personal Data on our behalf
  • Sending you, from time to time, emails about similar goods and services we offer. Each email will include a link to enable you to stop the sending of such emails

The lawful basis for the processing of your Personal Data for the first two purposes listed above is the consent you have given to us.

The lawful basis for the processing of your Personal Data for the next four purposes listed above is provided by Article 6.1(b) of the General Data Protection Regulation.

We have a "legitimate interest" under Article 6.1(f) of those regulations for all the other purposes listed above and for more information on this please see section 4 below.

4. Legitimate Interests

We have a "legitimate interest" under Article 6.1(f) of the General Data Protection Regulation to process your Personal Data for some of the purposes mentioned in section 3 above. As required by that regulation we give the following further information for each of those purposes:

  • Processing your Personal Data for accountancy purposes including but not limited to disclosing those of your Personal Data as appears on our invoice to our accountants and/or auditors if requested by them to enable our annual accounts to be prepared
  • The use by us of analytical software concerning our web site. This will enable us to improve users’ experiences of our web site
  • Processing your Personal Data for the support and maintenance of our web site and other software used by us or those who will process your Personal Data on our behalf. This will ensure the proper support and maintenance of our business systems.
  • Sending you, from time to time, emails about similar goods and services we offer. This will enable you to be aware of developments in the goods and services we offer our customers. Each email will include a link to enable you to stop the sending of such emails

5. Recipients (people to whom we will pass your Personal Data) of your Personal Data

We will only pass your Personal Data to the following:

  • The contractors we used for delivering goods and/or services to you. From time to time we may change those contractors or use one or more contractors for delivery.
  • The electronic payments provider used by us to collect our charges from you who are
  • Our Accountants
  • Our Auditors
  • Third parties who will process your Personal Data on our behalf
  • Third parties who maintain our web site
  • Third parties who support and maintain our business software

6. Transfers of your Personal Data to a foreign country

Your Personal Data will not be transferred by us to any country outside of the United Kingdom or the European Union

7. How long we will keep your Personal Data

We will keep your Personal Data:

  • until the end of the seventh financial year after your last purchase of goods and/or services from us or
  • where there is no purchase until the end of the third financial year after you provided your Personal Data to us

8. Your GDPR Rights

In addition to the rights mentioned in Sections 9 and 10, the General Data Protection Regulation grants you, as a Data Subject the following Rights:

  • Under Article 15 of the Regulation the right to have confirmation of the processing of any Personal Data of yours, together with the right to a copy (free of charge) of your Personal Data if it is being processed. This article also gives you the right to have information concerning the processing of your data as earlier set out in this policy.
  • Under Article 16 of the Regulation the right to have any erroneous Personal Data Rectified without delay.
  • Under Article 17 of the Regulation the right to have your Personal Data erased (also known as "The Right to be Forgotten"). You should note that this Right may only be exercised by you in the circumstances set out in Article 17.
  • Under Article 18 of the Regulation the right to have the processing of your Personal Data restricted:
    • If the accuracy of the Personal Data is contested by you for a period which is long enough for us to verify the accuracy of your Personal Data
    • If our processing of your Personal Data is unlawful and you prefer to have the processing restricted rather than having your Personal Data erased
    • We no longer need to process your Personal Data, but you wish to have it preserved to establish or exercise or defend a legal claim
    • You have exercise your right to object to our processing of your Personal Data pursuant to Article 21 of the Regulation (see Section 9 below)

The restriction the exercise of the above right imposes is that save for the storage of your Personal Data your Personal Data will not be processed by us.

  • Under Article 20 of the Regulation you have the right to receive a copy of your Personal Data that you have provided to us either in relation to any processing consent you have given to us or in respect of the negotiation of a contract for you to purchase our goods and/or services and the fulfilment of any such contracts. You also have the right under this Article to instruct us to transmit your Personal Data as described to another Controller. The Article provides that the data must be provided to you or transmitted to another Controller in a structured, commonly used and machine-readable format" and we will use the format of [XML] [CSV file].

In the first instance you may exercise any of the above rights by sending an email to us at [] or by letter to the Controller sent by ordinary post. It will be important for us to confirm your identity if you choose to exercise any of these rights and you will be asked to provide reasonable proof of your identity by providing a copy of your driving licence or passport and a copy of a utility bill in your name if you do not do so at the time you initially seek to exercise one of the above rights. Such identity documentation will be destroyed by us once your identity is proven to our reasonable satisfaction.

9. Your right to object to the processing of your Personal Data

Under Article 21 of the General Data Protection Regulation you have the right at any time to object to our processing of your Personal Data. If you make use of this right our duty is to cease processing your data unless we can show an overriding legitimate interest to keep processing your Personal Data (such as processing some or all of your Personal Data for accountancy purposes).

In the first instance you may exercise this right by sending an email to us at [] or by letter to the Controller sent by ordinary post. It will be important for us to confirm your identity if you choose to exercise this right and you will be asked to provide reasonable proof of your identity by providing a copy of your driving licence or passport and a copy of a utility bill in your name if you do not do so at the time you initially seek to exercise one of the above rights. Such identity documentation will be destroyed by us once your identity is proven to our reasonable satisfaction.

10. Your right to lodge a complaint with the Information Commissioner

Under Article 77 of the General Data Protection Regulation you have the right to complain to the Information Commissioner about any alleged breach by us of the General Data Protection Regulation.

11. Whether it is necessary for you to provide your Personal Data

It is necessary for you to provide us with your Personal Data:

  • To enable us to provide the brochure requested; and
  • To ensure that we can enter a contract with you to provide goods and/or services. If you do not provide us with your Personal Data we will be unable to provide our goods and services.

12. Do we use automated decision making?

We do not use automated decision making.