Personal Information Collected By Us
If you have ordered or bought items from us, we will have your name, email address, telephone number, postal address and the method you chose to make your purchase with.
Information We Collect Automatically
Who We Share Your Personal Information With
We share your data with the following categories of companies as an essential part of being able to provide our services to you:
Companies that get your order to you, such as payment service providers, warehouses, order packers, and delivery companies
Professional service providers, such as marketing agencies, advertising partners and website hosts who help us run our business
Credit reference agencies, law enforcement and fraud prevention agencies, so we can help tackle fraud
Companies approved by you, such as social media sites
We will not share your personal information with any other third party.
How Long Will Your Personal Data Be Kept?
We will hold on to your information for as long is needed to be able to provide the service to you and maintain our company transactional records, or where you have given consent to contact you with offers and other marketing purposes, until you notify us otherwise.
If reasonably necessary or required to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions, we may also keep hold of some of your information as required, even after it is no longer needed to provide the service to you.
Your Rights In Relation To Your Personal Data
You have the following rights in relation to our processing of your personal data:
Right to be informed – You have the right to be informed about how your personal data is being used – hopefully this Privacy Notice explains it all.
Right to access – You have the right to access the personal data we hold on you which allows you to be aware of and verify the lawfulness of the processing.
Right to rectification – You have the right to have personal data rectified if inaccurate, out of date or incomplete.
Right to erasure – You have the right in certain circumstances to have personal data erased, also known as ‘the right to be forgotten’.
Right to restrict processing – You have the right to request the restriction of your personal data in certain circumstances. When processing is restricted, we are permitted to store the personal data, but not use it.
Right to object – You have the right to object to any personal data processing which is based on legitimate interests of the controller or public interest unless there are compelling legitimate grounds for the processing which are sufficient to override your interests, rights and freedoms or the processing is for the establishment, exercise or defence of legal claims.
Right to data portability – You have the right to request that, in the case of automated data only, where possible we transfer elements of your personal data to another data controller.
Right to automated decision making and profiling – You have the right not to be subjected to decisions based solely on automated processing.
If you wish to exercise any of the above rights, you can make a request to us verbally, by email or in writing. You will be asked for information to identify yourself showing your name and address. The information will be provided by us within one month of request. We may extend the period of compliance by a further two months where requests are complex or numerous. If this is the case, we will inform you within one month of receipt of request and explain why the extension is necessary.
You have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you feel any part of the processing of your personal data has not been handled in accordance with the GDPR.
Keeping Your Personal Data Secure
We take your privacy very seriously and comply with our obligations under the GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate security measures are in place to protect personal data.