We are committed to respecting and protecting the privacy of everyone who uses our website and the confidentiality of any information that you choose to share or provide us with. This statement sets out how we use personal information that we may receive from you.
We closely adhere to all relevant legislation, including the Data Protection Act 1998 and the GDPR, and ensure that all personal data or information provided by you through using our website and our services, and which is identifiable, is used in accordance with this privacy statement.
Use and collection of personal information
What information do we collect?
We may collect, store and use the following kinds of personal data:
- Information about your visits to and use of this website;
- Information about any transactions carried out between you and us on or in relation to this website, including information relating to any purchases you make of our goods or services;
- Information that you provide to us for the purpose of registering with us and/or subscribing to our website services and/or email notifications and/or making a general enquiry
Information about website visits
We may collect information about you computer and your visits to this website such as your IP address, geographical location, browser type, referral source, length of visit and number of page views. We may use this information in the administration of this website, to improve the website’s usability, and for marketing purposes.
Who will see the data?
People in our organisation or working for our organisation who need your data in order to carry out the service we are providing you or for marketing purposes, which you have consented to.
After collecting data from you that you have consented for us to use, we may transfer it other parts of our organisation or to trusted and reputable third-party service providers, where we have a legitimate reason or consent to do so. All of the service providers we use are required to maintain the confidentiality and security of your personal data and to use it only in compliance with data privacy laws and for specified and instructed purposes. Each service provider is also responsible for their use of your personal data, according to rules they set in their own privacy policies.
Below is an outline of the purposes for which we may transfer your personal data to third parties:
Using your personal data
We will not without your express consent provide your personal information to any third parties for the purpose of direct marketing.
At any time you can change your mind or withdraw your consent about the way we use your personal data. If you wish to do this, please contact firstname.lastname@example.org or call us on 01243 756240.
International data transfers
If you are in the European Union, information which you provide may be transferred to countries which do not have data protection laws equivalent to those in force in the European Union. You expressly agree to such transfers.
How long do we hold information for?
If we have not had meaningful contact with you for two years, we will then delete any personal data we hold. This does not include customer accounts, but these can be deleted if a customer chooses to delete their own account, or requests us to do this for them.
At any time you may ask us to delete your personal data, and we will do so subject to any legal restrictions or our ability to do so. Any personal data that is deleted is logged anonymously, with details on what was removed and when this took place.
How can you control your personal information?
In the event that you do not wish to be contacted for specific marketing purposes, ensure that you don’t tick or tick the appropriate boxes next to any forms which state there is an opportunity to sign up to marketing. You may unsubscribe from our contact list at any time by replying to a promotional email with the word “unsubscribe” in the subject line, by emailing us at email@example.com or calling us 01243 756240.
At any time you can change your mind about the personal information we hold. You can contact us and ask us to delete your information from our marketing list, or to completely erase any personal data we hold on you on our system. Contact firstname.lastname@example.org to ask that this be done.
Third party websites
The website contains links to other websites. We are not responsible for the privacy policies of third party websites.
We may send a cookie which may be stored on by your browser on your computer’s hard drive. We may use the information we obtain from the cookie in the administration of this website, to improve the website’s usability and for marketing purposes. We may also use that information to recognise your computer when you visit our website, and to personalise our website for you.
Most browsers allow you to refuse to accept cookies (for example, in Internet Explorer you can refuse all cookie by clicking “Tools”, “Internet Options”, “Privacy”, and selecting “Block all cookies” using the sliding selector). This will, however, have a negative impact upon the usability of many websites, including this one.
We will take reasonable precautions to prevent the loss, misuse or alteration of your personal information. Of course, data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
you are responsible for keeping any passwords confidential. We will not ask you for your password.
If you pay by credit or debit card, your details are handled by us on a secure server using Stripe Payments encryption. While it is impossible for any website to be completely impregnable to fraud, our system of a secure server and encryption offers a good level of security that you can be confident with. When you place an order to purchase a product we will send you an email confirming receipt of your order and containing the details of your order including transaction and order reference numbers.
Your order represents an offer to us to purchase a product which is accepted by us when we process payment for your order. When we accept your order, we will send a Dispatch Confirmation Email. Any products which we have not confirmed in a Dispatch Confirmation E-mail do not form part of that contract. If you have incorrectly entered your email address your confirmation and dispatch email may fail. So long as payment has been processed successfully this will in no way affect your order.
Failure by us to send a receipt confirmation email or dispatch confirmation email in no way invalidates your offer or our acceptance of your offer.
Under the GDPR, you have the following individual rights:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling
You can find out more about your rights on the ICO website. If you have any questions about these rights in relation to us, please contact email@example.com.
You have the right to see personal data (as defined under the Data Protection Act) that we keep about you. Any request can be emailed to firstname.lastname@example.org or you can write to us at The Little Botanical, Lagness Road, Runcton, Chichester, West Sussex, PO20 1NL.
We will provide the relevant data within 28 days, unless there is a legitimate reason why it needs to take longer.
If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible at the above address. We will immediately correct any information found to be incorrect.
Should you wish to lodge a complaint, you have the right to do this through the Information Commissioner’s Office:
Phone: 0303 123 1113
Online contact form: https://ico.org.uk/global/contact-us/email
Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF