PRIVACY POLICY
Last modified 29th December 2020
1. CONTENTS
- CONTENTS
- INTRODUCTION
- THE DATA CONTROLLER
- COOKIES
- DATA COLLECTED BY OUR SHOP
- DATA COLLECTED BY THIRD PARTIES ON OUR BEHALF
2. INTRODUCTION:
We protect your personal data in line with the requirements of the General Data Protection Regulation (GDPR). The GDPR requires data controllers such as ourselves to document our lawful basis for processing personal data. It also gives you rights over how your data is processed. This privacy policy documents the data we collect, why and how we process it, and how to exercise your rights.
2.1 THE DATA CONTROLLER:
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. We use Woocommerce to keep your information safe and inaccessible to other internet users. Click here for more information on Woocommerce site and data security.
2.2 LAWFUL BASIS FOR PROCEEDING:
For each method by which we collect personal data, this privacy policy documents our lawful basis for processing the data. Where we rely on your consent to process your data, we explain how you can withdraw your consent and delete your data.
2.3 INDIVIDUAL RIGHTS:
The GDPR gives you rights over how your personal data is processed. You can exercise your rights by contacting us. In some cases you can also exercise your rights through automated systems, as described at the relevant points in this privacy policy.
2.4 SECURITY:
The GDPR requires us to implement appropriate technical measures to protect data. We verify the identity of any individual who requests access to data before granting access. We use Transport Layer Security (TLS, also known as SSL) to encrypt any data you supply to us through our website. Additional technical measures are described at the relevant points in this privacy policy.
2.5. DISCLOUSURES:
In addition to any sharing of data described elsewhere in this privacy policy, we may disclose data for legal reasons. If we suspect criminal activity we may disclose data relating to those involved or affected to the appropriate authorities. We may also be obliged to disclose data if we receive a request from an appropriate authority.
2.6. CHANGES TO THE PRIVACY POLICY:
In addition to any sharing of data described elsewhere in this privacy policy, we may disclose data for legal reasons. If we suspect criminal activity we may disclose data relating to those involved or affected to the appropriate authorities. We may also be obliged to disclose data if we receive a request from an appropriate authority.
3. COOKIES
Cookies are small pieces of text that are stored by your browser. Each cookie has a name and is associated with a particular site. When your browser sends a request to a site (for example, to download a page, image, or video), the computer that responds (known as a server) may tell your browser to set one or more cookies. When your browser makes further requests to the same site it sends the cookies back to the server. This allows the server to remember you as you browse the site, and provide features such as shopping baskets or password-protected areas. For more information on the cookies we use, see our cookie policy.
4. DATA COLLECTED BY OUR SHOP
4.1 ACCOUNTS:
When you place an order you can either create a “guest account” or register for a “full account”. A registered account allows you to log in to your account in future and view your order history, or place further orders without needing to enter your details again. You can also choose to create a registered account without placing an order. When you register for an account we collect your name, e-mail address, telephone number, and company.
You can download the data we have collected about you by going to your account page and following the link to download your data.
You can close your account by going to your account page and following the link to close your account. If you close your account we will retain records of any orders you have placed (as described below), but will delete any other data you have supplied.
Lawful basis for processing: Consent given by data subject
Why? You have supplied us with this data in order to create an account
4.2. ORDERS:
When you place an order we collect your name, e-mail address, telephone number, company, delivery and billing addresses, and any comments you choose to leave.
Lawful basis for processing: Performance of a contract
Why? To enable us to enter into a contract with you and fulfil our obligations under it
Lawful basis for processing: Compliance with a legal obligation
Why? To maintain a record of financial transactions for taxation purposes5.
4.3. PAYMENT THROUGH STRIPE:
When you make a payment through Stripe, we send Stripe your name, billing address, and e-mail address. After you enter your card details, Stripe attempts to take payment and tells us whether the payment was successful. For more information on how Stripe handles the data it collects, see Stripe’s privacy policy.
Lawful basis for processing: Performance of a contract
Why? To enable you to pay for your purchase
5. DATA COLLECTED BY THRID PARTIES ON OUR BEHALF
5.1 Our site is hosted through HostPapa. HostPapa helps our website load faster by storing copies of our content in data centres around the world, and protects our website from attacks by logging requests to detect and block suspicious traffic. For more information on how HostPapa handles the data it collects, see HostPapa’s privacy policy: https://www.hostpapa.com/privacy/
Lawful basis for processing: Compliance with a legal obligation
Why? To comply with the GDPR obligation to implement appropriate technical measures to protect data