SECURITY & PRIVACY
As an on-line retailer we take our responsibilities towards your privacy very seriously. We would therefore like to be very clear about what information we store about you, what we don’t, what we share with third parties and why, and how we handle the security of this information.
Your Personal Information
If you want to browse our store you can do so without the need to provide any personal information. Only when you want to buy do you need to register. At this point we then ask you for personal information.
Information We Collect
To fulfil your order, you must provide us with certain information such as your name, email address, postal address, payment information, and the details of the product(s) that you’re ordering. You may also choose to provide us with additional personal details if you contact us directly.
What do we store?
When you order with us we need the following information at the time of order:
• The Billing Address
• The Delivery Address
• Telephone Number
• Email Address
• Items ordered from us
• Any additional delivery request
When you register with us we need the following information:
• Full Name
• Home Address (Billing Address – must be the address that is held with your card issuer)
• Telephone Number
• Email Address
• Newsletter Preference
• Other Addresses (Delivery Address – only if you have placed an order that you need delivered to an alternate address)
All of this information is stored on our Secure Servers. All on-line orders are encrypted and sent through our secure server, using SSL technology to prevent information from being intercepted. This means that the only people who see this information is you and us. None of the information that you send over the Internet can be seen by anyone else.
What do we not store?
We don’t store any further information about you. It’s that simple. All payment or financial information is stored with payment providers who have well established and published security procedures.
How is your information used?
We use your information for the following purposes only:
- Account Management:
We need to store information about you so that we can maintain a good professional relationship and ensure that we send the items you buy to the correct location
- Payment Processing:
We are legally obliged to ensure that customers buying from our site are who they say they are. We are therefore required to pass some personal information to our Payment Service Providers and to Your Card Issuer. The information we provide is your Name and Billing Address and these are checked with your card issuer to ensure that they match. Your security code and any 3D Secure (Verified by Visa and MasterCard SecureCode) information that you provide when entering your card payment details are used to confirm the payment. All our card payments are processed using Stripe secure payment.
- Fraud Prevention:
In order to comply with criminal investigations we will provide, when information is requested correctly by the Police, or through a Court Order, any information that is sought under the authority provided to us.
We never have and we never will provide, free of charge or otherwise, your information to any other third parties for any reasons other than those mentioned above. We will never allow your information to be used for direct marketing of any kind by anyone.
All of the data we hold on you is directly accessible through logging in to your account with us. If you have only ever purchased from us as a guest and are unsure if we hold any of your personal data please email us and we will check for you.
We retain your personal information only for as long as necessary to provide you with our services. However, we may also be required to retain this information to comply with legal and regulatory obligations, to resolve disputes, and to enforce agreements. We generally keep your data for the following time period: 6 years.
If you reside in certain territories, including the EU, you have a number of rights in relation to your personal information. While some of these rights apply generally, certain rights apply only in certain limited cases. These rights are described below:
• Access. You may have the right to access and receive a copy of the personal information we hold about you by contacting us using the contact information below.
• Change, restrict, delete. You may also have rights to change, restrict our use of, or delete your personal information. Excluding exceptional circumstances (like where we are required to store data for legal reasons) we will generally delete your personal information upon request.
• Object. You can object to (i) our processing of some of your information based on our legitimate interests and (ii) receiving marketing messages from us after providing your express consent to receive them. In such cases, we will delete your personal information unless we have compelling and legitimate grounds to continue using that information or if it is needed for legal reasons.
• Complain. If you reside in the EU and wish to raise a concern about our use of your information (and without prejudice to any other rights you may have), you have the right to do so with your local data protection authority.
How to Contact Us
For purposes of EU data protection law, I, Helyn Brind, am the data controller of your personal information. If you have any questions or concerns, you can contact me at firstname.lastname@example.org. Alternatively, you may write to me at:
Abbey Cottage, Longdown Bank, St Dogmaels, SA43 3DU