It is effective from 25 May 2018
- what information we collect and when we collect it
- what we do with it and how we keep it secure
- what we use it for; and
- how you can control our use of it.
We operate under the General Data Protection Regulation (GDPR), a European Union regulation, effective from 25 May 2018. GDPR is designed to improve the data security and privacy of European citizens. You can read more about it on Wikipedia. In short, it is designed to ensure that your data is safe, and that you can access and control it. It gives you greater security, transparency, and control of your personal data online, something we are fully committed to.
We collect and process information about you only where we have legal bases for doing so under applicable EU laws. The legal bases depend on your engagement with us and how you use any of our products or services. This means we collect and use your information only where:
- we need it to provide you with our products and services, including to operate them, provide support and to protect their safety and security;
- it satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote our products and services and to protect our legal rights and interests; or
- we need to process your data to comply with a legal obligation.
What information we collect and when we collect it
We may collect information about you whenever you engage with us, including when you contact us, subscribe to our mailing list, or place an order for our products or services through our store and/or create or manage your account with us. We also collect information when you voluntarily provide feedback or complete customer surveys. Website usage information may also be collected when you are on our website, using cookies (which we talk more about later in this document).
We may collect the following information:
- name and contact information e.g. email address
- demographic information e.g. location
- other information e.g. preferences and interests – relevant to our products and services, market research and/or offers we may be able to provide
- products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
- location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
- shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order
When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes such as, to:
- send you information about your account and order
- respond to your requests, including refunds and complaints
- process payments and prevent fraud
- set up your account for our store
- comply with any legal obligations we have, such as calculating taxes
- improve our store offerings
- send you marketing messages, if you choose to receive them
If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.
We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it.
We will also store comments or reviews, if you choose to leave them.
We only ever gather the information we require to understand your needs, process any orders you place with us, and provide you with the highest quality products and services.
What we do with the information we collect
We use the information we gather for the following reasons:
- internal record keeping
- improving our products and services
- if you subscribe to our mailing list, periodically sending emails about our products, services, events, special offers or other information which we genuinely think you may find interesting. You are always able to opt out at any time
- we may also use your information to contact you for market research purposes or to get feedback in order to improve our products and services. You are always able to opt out at any time
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect. We also review our contracts with vendors and partners to make sure they are also compliant, and can give us the guarantees on privacy and data protection that we require, such as the EU-US Privacy Shield framework (read more about this on Wikipedia).
Website analytics and cookies
We may use web analytics to learn how our website is performing and to help us to continually improve the site’s functionality. Any analytics data that is collected, processed and stored while you are on our website is aggregated, anonymous, secure and kept confidential.
Links to other websites
Controlling your personal information
Whenever you are asked to provide us with any of your information, either electronically or in person, this is always your choice and we will always keep your information confidential. You may change your mind at any time by updating your contact preferences or unsubscribing using the links we include in all direct marketing emails.
We will not sell your personal information.
We will not share your personal information with third parties unless we have your permission or are required by law to do so.
Access to your information and correction
You may request details of personal information which we hold about you by emailing firstname.lastname@example.org.
We will always do our best to ensure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate, and we will promptly correct any information found to be incorrect.