The General Data Protection Regulation (GDPR) is an EU law on data protection and privacy. From 25th of May 2018, the GDPR applies on all personal data that is handled within the borders of the EU or relates to individuals in EU – no matter where the organization handling the data is located.
The main aim of the GDPR is to unify and simplify the regulatory environment and to strengthen the data protection of individuals in the same way across the EU. For individuals, this means increased control over their personal data, and to businesses active in Europe the GDPR comes with additional requirements on how to handle personal data.
Who are we?
ECOMDIRECT LTD is a UK registered company that wholly owns and operates the website www.petshopdirect.co.uk. Petshop Direct treats the handling of personal data seriously when you visit or make a purchase from www.petshopdirect.co.uk (the site”).
We appreciate your interest in our website (our “Site”). Privacy protection is very important to us and we are committed to protecting you and respecting your privacy. This privacy notice sets out information about how we collect, store, process, transfer, share and use data that identifies or is associated with you (hereinafter “personal information”).
If you have any questions about how we Protect Your Privacy, drop us an email at firstname.lastname@example.org
When do we collect your personal data?
- When you visit our website and use your account to buy products.
- When you make an online purchase and check out as a guest (in which case we just collect transaction-based data).
- When you create an account with us.
- When you engage with us on social media.
- When you contact us by any means with queries, complaints etc.
- When you choose to complete any surveys we send you.
- When you comment on or review our products and services.
PERSONAL INFORMATION WE COLLECT
What sort of personal data do we collect?
- If you have a web account with us: your name, gender, billing/delivery address, orders and receipts, email and telephone number. For your security, we’ll also keep an encrypted record of your login password.
- Your comments and product reviews.
- Your social media username, if you interact with us through those channels, to help us respond to your comments, questions or feedback.
We at Petshop Direct care about our customers, and that means we care about you and your privacy. We always collect personal information responsibly and with your privacy in mind.
It is important to us that you are aware of how we handle your personal information. When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device.
Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information.”
We collect Device Information using the following technologies:
– “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
– “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
– “Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Site.
Additionally, when you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, payment information), email address, and phone number. We refer to this information as “Order Information.”
HOW DO WE USE YOUR PERSONAL INFORMATION?
We use the Order Information that we collect generally to fulfil any orders placed through the Site (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). Additionally, we use this Order Information to:
- To process any orders that you make by using our website. If we don’t collect your personal data during checkout, we won’t be able to process your order and comply with our legal obligations.
For example, your details may need to be passed to a third party to supply or deliver the product or service that you ordered, and we may keep your details for a reasonable period afterwards in order to fulfil any contractual obligations such as refunds etc.
- To respond to your queries, refund requests and complaints. Handling the information you sent enables us to respond. We may also keep a record of these to inform any future communication with us and to demonstrate how we communicated with you throughout.
- To protect our business and your account from fraud and other illegal activities. This includes using your personal data to maintain, update and safeguard your account. We’ll also monitor your browsing activity with us to quickly identify and resolve any problems and protect the integrity of our websites.
- To process payments and to prevent fraudulent transactions. We do this on the basis of our legitimate business interests. This also helps to protect our customers from fraud.
- With your consent, we will use your personal data, preferences and details of your transactions to keep you informed by email, web, text, telephone about relevant products including special offers, discounts, promotions etc.
We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).
The data privacy law allows this as part of our legitimate interest in understanding our customers and providing the highest levels of service.
Remember, if you choose not to share your personal data with us, or refuse certain contact permissions, we might not be able to complete a purchase on our website.
For example, if you’ve asked us to let you know when an item comes back into stock, we can’t do that if you’ve withdrawn your general consent to hear from us. Of course, you are free to opt out of hearing from us by any of these channels at any time.
How we protect your personal data
We know how much data security matters to all our customers. Keeping this in mind we will treat your data with the utmost care and take all appropriate steps to protect it.
We secure access to all transactional areas of our websites ‘https’ technology.
Access to your personal data is password-protected, and sensitive data such as payment card information) is secured and tokenised to ensure it is protected.
We regularly monitor our system for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security.
How long will we keep your personal data?
Whenever we collect or process your personal data, we’ll keep the personal data you give us for 6 years so we can comply with our legal obligations. At the end of that retention period, your data will be deleted completely.
Who do we share your personal data with?
We sometimes share your personal data with trusted third parties. Here’s the policy we apply to those organisations to keep your data safe and protect your privacy:
- We provide only the information they need to perform their specific services.
- They may only use your data for the exact purposes we specify in our contract with them.
- We work closely with them to ensure that your privacy is respected and protected at all times.
- If we stop using their services, any of your data held by them will either be deleted or rendered anonymous.
Examples of the kind of third parties we work with are:
- IT company who support our website and the business systems.
- Operational companies such as delivery couriers.
- For fraud management, we may share information about fraudulent or potentially fraudulent activity in systems. This may include sharing data about individuals with law enforcement bodies.
- We may also be required to disclose your personal data to the police or other enforcement, regulatory or Government body, in your country of origin or elsewhere, upon a valid request to do so. These requests are assessed on a case-by-case basis and take the privacy of our customers into consideration.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies with respect to the information we are required to provide to them for your purchase-related transactions. For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
What are your rights over your personal data?
You have the right to request:
- Access to the personal data we hold about you, free of charge.
- The correction of your personal data when incorrect, out of date or incomplete.
- That we stop processing your personal data, in specific circumstances; for example, when you have withdrawn consent.
- You can contact us to request to exercise these rights at any time by contacting by emailing us at email@example.com or by post at Petshop Direct, 28 Bells Hill, Barnet, London, EN5 2RY, United Kingdom
Your right to withdraw consent
Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent.
AGE OF CONSENT
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at firstname.lastname@example.org or by mail at Petshop Direct, 28 Bells Hill, Barnet, London, EN5 2RY, United Kingdom [Re: Privacy Compliance Officer] [Petshop Direct, 28 Bells Hill, Barnet, London, EN5 2RY, United Kingdom]