Privacy & Security
PRIVACY & DATA PROTECTION POLICY
We are fully committed to compliance with the requirements of the Data Protection Act 1998 and the new General Data Protection Regulation 2018 (GDPR). This Privacy and Data Protection Policy sets out our commitment to protecting personal data and how we implement that commitment with regards to the collection and use of personal data. The GDPR is one of the most significant pieces of legislation affecting the way that we carry out our information processing activities. Significant fines are applicable if a breach is deemed to have occurred under the GDPR, which is designed to protect the personal data of citizens of the European Union.
Principles Relating to Processing of Personal Data
There are a number of fundamental principles upon which the GDPR is based. These are as follows.
Personal data shall be:
- processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’);
- collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1), not be considered to be incompatible with the initial purposes (‘purpose limitation’);
- adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);
- accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’);
- kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) subject to implementation of the appropriate technical and organisational measures required by this Regulation in order to safeguard the rights and freedoms of the data subject (‘storage limitation’);
- processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).
We will ensure that we comply with all of these principles both in the processing it currently carries out and as part of the introduction of new methods of processing as required.
Types of information we collect about you:
- Contact information, such as name, email address, mailing address, fax or phone number;
- In some cases, we may take payment and financial information, such as credit or other payment card information, bank account, or billing address;
- Date of Birth is collected on registration to ensure legal compliance;
- Preference information such as product wish lists, order history, or marketing preferences.
- Information about your business such as company name, job role, or business type;
- Demographic information, such as age, gender, and interests;
- Device and other tracking information, such as browser information, device identifiers, operating system, geolocation, or information gained from cookies, pixels or other tracking technologies.
- Sometimes, we may combine personal information you provide with information from third-party sources. For example, we may confirm your address with the postal or courier service. We will treat the combined information in accordance with the terms of this Policy.
- We monitor usage patterns to continually improve the site and your user experience.
- Phone calls may be recorded, and any recorded calls may be retained for a maximum of 6 months and only be used for training and quality purposes.
- We may send requests to other sites and, in this process, IP addresses may be shared with third-parties. This is required for certain website functionality and ensures we are able to provide you with the best user experience when navigating the site.
How we collect personal information:
We collect the above personal information about you when you use this website and we need this information to enable us to provide our services. This section sets out in more detail what information we collect, why we collect it, how we use it and how long we keep your information.
We collect personal information when you provide it to us. This can occur when you register, create accounts, complete a purchase, send in forms, take surveys, or fill in various online fields on our online applications. We also collect personal information when you contact us with enquiries or customer support requests.
We may also collect the personal information of third parties when you provide it to us. For example, if you choose to use our service to send a referral or gift to a friend or colleague, we will ask you for their name and address or email address depending on the service required. We store this information for the sole purpose of completing the transaction. If you provide personal information of a friend or family member and they want us to delete this information, they should contact us.
How we use personal information:
Authorised employees, officers, agents, suppliers or subcontractors may have access to some of your personal information for the following purposes:
- to provide you with the products and or services you were invited to or requested;
- to verify your identity and/or location in order to allow access to your accounts, conduct online transactions, and secure your personal information;
- to send you important information, such as changes to terms, conditions, and policies and/or other administrative information;
- to deliver rewards to your chosen delivery addresses;
- to respond to your enquiries and fulfill your requests;
- to track referrals;
- to personalise your experience on our systems by presenting content or offers tailored to you;
- to send you marketing communications you have signed up for or that we believe may be of interest to you. If you subscribe to newsletters, we will use your name and email address to send them to you. You may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in these emails or accessing the email preferences in your account.
- to allow you to use various online system features.
- to fulfil legal obligations
Cookies:
Like most websites, we use cookies to make our site run more smoothly and to personalise your experience. Cookies are small text files designed to remember certain bits of information such as what content you may have viewed or what you've placed in your online shopping basket, so that your user experience can be improved. Cookies are also used to collect data about how visitors use a website, such as how long is spent on each page. This allows us to work out which parts of the website is most popular, and which sections might need improving to give you a better experience. None of the cookies we use collect personal information about you; they are simply used to give us anonymous data that allows our website to work properly and help us see where we can improve. From time to time, we may also make use of other third party cookies for analytics tracking, such as Google Analytics which are anonymous and not linked to any personal information.
If you'd rather not have cookies on your computer, you can disable them quickly and easily in your browser settings. Instructions for doing this will vary from browser to browser, but will usually be in the ‘privacy' section of your browser settings or preferences. You'll also be able to delete any cookies already on your computer, as well as blocking cookies from other sites. Please be aware that disabling cookies in your browser will result in some aspects of the website not functioning correctly including not being able to log in to your account. We therefore recommend keeping cookies enabled to ensure you get the most from our site.
For further information about cookies and how to disable them in different browsers, the Information Commissioner's Office offers this comprehensive guide to cookies.
Security:
Although we will do our best to protect your personal data using the latest SSL encryption, we cannot guarantee the complete security of your data transmitted; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to restrict unauthorised access. Where applicable credit and debit card data taken through our websites are encrypted in accordance with PCI-DSS.
The security of your personal information is important to us. All personal information is stored in databases hosted in ISO27001 compliant secure data centres inside the European Economic Area (EEA). Some of our third-party contractors are based outside of the EEA however, we have strict control over how and why your data can be accessed. By submitting your personal data, you are consenting to this transfer, storing or processing. If we transfer your data outside the EEA we will take steps to ensure that appropriate security measures with the aim that your rights continue to be protected as set out in this policy.
Retention of personal information:
We will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal and regulatory obligations, resolve disputes, and enforce our agreements.
Access to your personal information:
Anyone may request, at any time, a copy of the personal information we hold about them, usually at no cost. Should you wish to access or update the personal information that we hold, please login and visit the My Profile page or contact us.
Removal of personal information:
If you wish to have the personal information we hold on your person removed, please request this in writing. If you are concerned that we are not using your information in accordance with the law please contact us in the first instance and we will attempt to resolve your query. If you are not satisfied with the resolution, then you can complain to the Information Commissioner’s Office.
Amendments to the Privacy Policy:
We may update this privacy policy from time to time by posting a new version on this website. You should check this page occasionally to ensure you are happy with any changes. We may also notify you of changes to our privacy policy by email.