When you interact with us through our website (or otherwise) you may provide, or we may collect, certain information from which you are personally identifiable (which is referred to as personal data). For the purposes of the General Data Protection Regulation or “GDPR” (and all other laws relating to the use your personal data), we are the “data controller”, meaning that we are responsible for deciding how your personal data is used and more importantly, for keeping your data safe and only using it for legitimate reasons.
What information do we COLLECT AND WHAT DO WE USE IT FOR?
You may provide us with the following types of personal information when you interact with us (when using our website or otherwise):
- Identity – first name, surname, country of residence.
- Contact – email address, telephone numbers and address.
- Financial – all financial information is all collected by our payments service provider, Paypal.
We may collect the following types of information from you when you use our website (using Cookies or other tracking technologies):
- Usage – information about how you use our website, including time spent on page, click-throughs, download errors
- Technical – IP address, browser type, hardware type, network and software identifiers, device information, operating system and system configuration
The table below sets out how we use your personal data and our lawful basis for doing so.
|Reason why we use your data||What data||Legal ground for using your data|
|For internal administration and record keeping purposes||All||Necessary to comply with a legal obligation
Necessary for our legitimate interests (for effective business administration and service provision)
|To process payments which you make through our website (and Paypay) for our products||Identity, Contact, Financial||Performance of a contract with you|
|Necessary to comply with a legal obligation|
|Answer your enquiries which may involve contacting you by post, e-mail or phone||Identity, Contact
|Necessary for our legitimate interests (to ensure our customers are informed and satisfied with our services)|
|Administer our website, including website trouble shooting, testing and analysis and to enable you to participate in interactive features of our website||All||Necessary for our legitimate interests (to ensure that our website are fully functional and operating in the most effective way for you)|
|Verify your identity and detect fraud and security issues||All||Necessary for our legitimate interests (to prevent and detect fraudulent activity, security incidents and criminal activity)|
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
WHO DO WE SHARE YOUR DATA WITH?
We share your personal data with third parties to help us deliver our products and services to you in the most effective way possible. These include third parties who assist us with:
- Collecting all payments made on our website – we use a payments service provider for collecting all payments
- Delivering relevant email marketing (to the extent you have not unsubscribed)
- Our customer reviews and surveys
- Personalising the content on our website to ensure a tailored user experience
- Delivering relevant targeted and re-targeted advertising to keep you interested
- Detecting fraud or criminal activity
- Other aspects of our service delivery, such as hosting our website
If we share personal data with third parties, we will ensure that access is limited on a strictly need to know basis and is subject to suitable obligations relating to confidentiality and security. In addition to the above, we may also be required to share your personal data with third parties if required by law or regulation. In such circumstances, we will make sure that the disclosure is only to the extent required by law or regulation.
DO WE SEND ANY OF YOUR DATA OUTSIDE OF THE EEA?
The European Economic Area or “EEA” is seen to have good data protection standards. As such, we limit the occasions when we may need to send your data outside of the EEA. Where we do, for example, where our service providers are based outside of the EEA, we make sure that your data is still treated fairly and lawfully in all respects (including making sure we have a legal ground for sending your data outside the EEA and putting in place all necessary safeguards for such arrangement). Where relevant, you will have the right to see a copy of any safeguards we put in place for international transfers of your data. Just get in touch with us if you would like to find out more.
HOW WE KEEP YOUR DATA SECURE
We have put in place suitable physical, technical and administrative controls to protect your information. Despite the security measures we implement, please be aware that the transmission of data via the internet is not 100% secure. On such basis, we cannot guarantee the security of the information transmitted to us via the internet and any such transmission is at your own risk.
HOW LONG DO WE KEEP YOUR DATA FOR?
We will retain your personal data only for as long as is strictly necessary for the purposes for which such data was originally collected (as referred to above), and thereafter for such longer period as may be required by law.
In certain situations, you are entitled to: (i) access to your personal data; (ii) update your personal data; (iii) erase your personal data; (iv) object to processing of your personal data where we are relying on a legitimate interest; (v) restrict the processing of your personal data; (vi) request the transfer of your personal data to a third party; or (vii) where you have provided your consent to certain of our processing activities, you may withdraw your consent at any time (but please note that we may continue to process such personal data if we have legitimate legal grounds for doing so).
Please contact us (using the details below) if you would like to exercise your rights.
Please note that you also have a right to complain to the Information Commissioner’s Office if you are concerned about the way we are handling your personal data.
This policy may be amended from time to time. Any such changes will be posted on this page. We will notify you of any significant or material changes by placing a prominent notice on our website or emailing you (if appropriate).
If you would like to discuss anything in this policy or if you want to exercise your rights, please get in touch:
LAST UPDATED: JULY 2019