3. We may change this policy from time to time by updating this page and so you should check it regularly to ensure that you are happy with any changes.
4. Data we collect about you
We may collect the following information about you:
i) Your Name ii) Company Name iii) Telephone Number iv) Email Address v) Any postal addresses that you provide
This information will be taken from you at the time that you make a purchase through our online store, or make contact with us through the contact us page on our online profile.
5. How we handle your data
We use this information for the following reasons:
i) Process any orders you make through our ecommerce platform ii) Improve our products and services iii) For marketing our products and services to you iv) For market research
6. We are committed to ensuring that the data you provide is handled securely and have put in place suitable physical, electronic and managerial processes to safeguard your information.
Cookies are small files which are placed on your computer's hard drive. Cookies help this website to analyse traffic and visitors and help our site respond to you as an individual.
We use traffic log cookies to identify which pages are being used on our site and analyse visitor behaviour through statistics.
8. Links to other websites
You may encounter a link to an external website page whilst visiting our online store or profile on this website. If the link is to a website that is operated by a third party you should know that we have no control over that website and as such cannot be responsible for the protection and privacy of your data or information you provide whilst visiting the site.
To comply with GDPR:
a) You must have given us EXPLICIT CONSENT to use your data for the purposes we intend.
b) You must have ACCESS TO YOUR INFORMATION.
c) You must have the OPTION TO REMOVE YOUR INFORMATION.
* * * * *
ACCESS TO INFORMATION: You can access and edit all your data through the 'My Account' page.
OPTION TO REMOVE YOUR INFORMATION: We can delete your account data, see below, but not the orders made by that account, they have to be kept for tax purposes for 7 years.
DELETE YOUR ACCOUNT: There is an option for this on your 'My Account' page which sends us an email, we then either manually delete your account or an automatic process will delete the account 30 days after the request is made. This does not delete past orders as they have to be kept for tax purposes for 7 years.
* * * * *
We have ensured that we are now compliant with all the new regulations in these key areas:
We have ensured that the decision makers and key people in our organisation are aware that the law is changing to the GDPR. They fully appreciate the impact this is likely to have.
2-INFORMATION WE HOLD
We are documenting what personal data we hold, where it came from and who we share it with.
3-COMMUNICATING PRIVACY INFORMATION
We have reviewed and amended our previous privacy notices to ensure they now comply with the GDPR.
We have checked our procedures to ensure they cover all the rights individuals have, including how we delete personal data or provide data electronically and in a commonly used format.
5-SUBJECT ACCESS REQUESTS
We have updated our procedures to enable us to handling access requests and provide any additional information within the new timescales.
6-LAWFUL BASIS FOR PROCESSING PERSONAL DATA
We have identified the lawful basis for our processing activity in the GDPR, documented it and updated our privacy notice to explain it.
We have reviewed how we seek, record and manage consent. Existing consents are being refreshed if they don’t meet the GDPR standard.
We have thought about whether we need to put systems in place to verify individuals ages and to obtain parental or guardian consent for any data processing activity.
We have made sure we have the right procedures in place to detect, report and investigate a personal data breach.
10-DATA PROTECTION BY DESIGN & DATA PROTECTION IMPACT ASSESSMENTS
We have familiarised ourselves with the ICO’s code of practice on Privacy Impact Assessments as well as the latest guidance from the Article 29 Working Party and have implemented them into our organisation.
11-DATA PROTECTION OFFICERS
We have a designated member of staff to handle our data protection compliance.