If, as determined by us, the lawful basis upon which we process your personal information changes, we will notify you about the change and any new lawful basis to be used if required. We shall stop processing your personal information if the lawful basis used is no longer relevant.
What is GDPR?
The GDPR (General Data Protection Regulation) is the primary law that regulates how companies protect EU citizens’ personal data.
To comply with GDPR a company must have a lawful basis for processing the personal information of an EU citizen.
There must also be procedures in place regarding the storage and use of data in compliance with GDPR and clear information given on requests of such data and the right to be forgotten.
For more information on GDPR see the Wikipedia article on General Data Protection Regulation
The lawful basis under which we may process personal information are as follows.
- Consent: the individual has given clear consent for you to process their personal data for a specific purpose.
- Contract: the processing is necessary for a contract you have with the individual, or because they have asked you to take specific steps before entering into a contract.
- Legal obligation: the processing is necessary for you to comply with the law (not including contractual obligations).
- Legitimate interests: the processing is necessary for your legitimate interests or the legitimate interests of a third party unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests.
Your individual rights
Under the GDPR your rights are as follows, depending on the lawful basis (see above).
- the right to be informed;
- the right of access;
- the right to rectification;
- the right to erasure;
- the right to restrict processing;
- the right to data portability;
- the right to object; and
- the right not to be subject to automated decision-making including profiling.
You can read more about your rights in details here on the ICO (Information Commissioner’s Office) website
You also have the right to complain to the ICO if you feel there is a problem with the way we are handling your data.
We handle subject access requests in accordance with the GDPR.
What We Collect
We may collect the following information when you are using our website, completing our contact form, emailing or calling us.
- contact information including email address
- demographic information such as postcode, preferences and interests
- other information relevant to customer surveys and/or offers
- Browser and operating system used to visit our site
- IP address used to visit our site
What We Do With Information We Gather
Information is often used to understand your needs and provide you with a better service, and in particular for the following reasons:
- Internal record keeping.
- We may use the information to improve our products and services.
- We may periodically send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided.
- From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, phone, fax or mail. We may use the information to customise the website according to your interests.
- We may gather information such as the operating system you use, which internet browser you used to visit our website and your IP address. All of this data is gathered with no person or identity associated with it and these statistics and reports are used to monitor browsing habits of visitors to our site, how they got to our site and other information that can help us better our strategy and targeting of digital marketing.
Who we share your data with
We won’t ever share your data with a 3rd party, though some 3rd parties may get some data when using our website from 3rd party cookies used in things such as social sharing buttons. Our cookie control (cog icon bottom left of this site) gives options for disabling these.
Our website is built on WordPress CMS which does not share any personal data with anyone.
How long we retain your data
Any date from our websites contact form shall be retained for no more than 2 years, without your permission.
Any data from Google Analytics shall be retained for no more than 2 years.
Any data from using one of our services or purchasing a product shall be retained for no more than 10 years, without your permission.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical and electronic managerial procedures to safeguard and secure the information we collect.
A cookie is a small file which is placed on your computer’s hard drive. The cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies also allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
Links To Other Websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Controlling Your Personal Information
You may choose to restrict the collection or use of your personal information. If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time.
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen.
You may request details of personal information which we hold about you under GDPR. If you would like a copy of the information held on you please request it.
If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible, at the above address. We will promptly correct any information found to be incorrect.