1. This Policy
1.1 Ensuring the privacy and security of your personal information is very important to us.
1.3 Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
3. Information Collected
3.1 We collect personal information from you in various ways, for example if you: sign up to our email mailing list; purchase items from our Website; or contact us with a comment, question or complaint.
3.2 This may include, for example, your name, date of birth, email address, postal address, telephone number, whether you are male or female[, credit card or other payment details] and your product preferences.
3.4 If you choose not to provide Personal Data, we may not be able to comply with a request for information or services.
4. Personal Data Relating to Third Parties
4.1 Please ensure that any Personal Data you supply to us which relates to third parties is provided to us with their consent and knowledge of our proposed use of their Personal Data.
5. How We Store and Use Your Personal Data
5.2 We may use your Personal Data for the following purposes: a) Transactional purposes: when you purchase goods from our Website, we use your Personal Data to process your order, deliver the goods to their proper location, process payments and communicate with you about the status of your order. b) Administrative purposes: when you contact us with a comment, question or complaint you may be asked for Personal Data which we will then use to verify your identity and to help us promptly answer your question or respond to your comment or complaint. c) Marketing communications: Where you have expressly consented to us doing so in accordance with applicable law, we may contact you for marketing purposes electronically (e.g. email, MMS, SMS or through social media) or by telephone. We may also contact you by post from time to time, unless you have told us that you do not want to receive these communications. When we send marketing communications to you by email, you will be given an opportunity to unsubscribe from such communications. You may also opt out of receiving marketing communications from us at any time by informing us at the following email address: firstname.lastname@example.org. d) Marketing analysis: we may use your Personal Data for the legitimate interest of internal marketing analysis. For example, we may analyse your product preferences in order to tailor our email messages. We also may use your feedback, suggestions and comments (in an anonymised form) to assess and/or improve our products and Website.
We may use your Personal Data for other purposes that you expressly consent to from time to time.
6. Legal Obligations
6.1 We collect and process your Personal Data in accordance with applicable laws that regulate data protection and privacy. This includes, without limitation, national laws implementing the EU Data Protection Directive (95/46/EC) and from 25 May 2018 the EU General Data Protection Regulation (2016/679).
7. Disclosing to third parties
7.1 We will not disclose Personal Data to third parties without you knowing about it. The exceptions are: a) where we are legally required to do so or where we need assistance of third parties data processors, acting under our instructions, who we may need to assist us - for example in dealing with a request you make and securely storing your Personal Data, or to conduct anti-fraud or money-laundering checks; b) where we may provide your Personal Data to a third party in the process of purchasing our company or business.
8. International Transfers
9. Retention period
9.1 We will retain certain Personal Data in respect of financial transactions for as long as the law requires us to for tax or accounting purposes (which may be up to 6 years after a particular financial transaction). In respect of the holding of Personal Data for direct marketing purposes, we will retain this in line with applicable law and guidance of competent regulatory authorities in the UK or other relevant territory. We will delete Personal Data that is no longer needed by Sam McKnight or will mark your data as 'do not contact' if you tell us you do not wish to be contacted in the future.
10. Security to Protect Personal Data
10.1 We employ appropriate technical and organisational security measures to protect your Personal Data from being accessed by unauthorised persons and against unlawful processing, accidental loss, destruction and damage. We also endeavour to take all reasonable steps to protect Personal Data from external threats. However, please be aware that there are always inherent risks in sending information by public networks or using public computers and we cannot 100% guarantee the security of data (including Personal Data) disclosed or transmitted over public networks.
11. Your rights
11.1 In accordance with your legal rights under applicable law, you can request information about the Personal Data that we hold about you, what we use that Personal Data for and who it may be disclosed to.
11.2 You can also request that we: correct Personal Data that we hold about you which is inaccurate or incomplete; erase your Personal Data without undue delay; no longer use your Personal Data for marketing purposes (please see 'Marketing Communications' section of paragraph 5 above); or transfer your Personal Data to another organisation.
11.3 All of these requests may be forwarded on to a third party provider who is involved in the processing of your Personal Data.
11.4 If you would like to exercise any of the rights set out above, please write to our data protection contact at the email address in the ‘Contact’ section below. Where applicable law allows, we may request a fee to cover our administrative expenses in responding and may also require further information to verify your identity or locate the specific information you seek before we can respond in full.
If you are not satisfied with our response or believe we are processing your Personal Data other than in accordance with applicable law you can complain to the Information Commissioner's Office (ICO) in the United Kingdom.
13.1 If you have further queries or requests relating to how we use Personal Data please contact our data protection contact at [email@example.com], or by post at our registered office at Sam McKnight [ ].