Privacy & GDPR
WHAT IS DATA PROTECTION & GDPR?
- The Data Protection Act (DPA) is a United Kingdom Act of Parliament which was passed in 1988. It was developed to control how personal, or customer information is used by organisations or government bodies. It protects people and lays down rules about how personal data can be used. The DPA also applies to information or data stored on a computer or an organised paper filing system about living people.
- The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information from individuals who live in the European Union (EU)
- Most of the processing of personal data is subject to the EU GDPR, and so the Data Protection Act refers to the GDPR’s most central provisions for the protection of personal data. Requiring personal data to be processed lawfully and fairly, based on the data subject’s consent or another specified legal basis.
- The GDPR defines a CONTROLLER as the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Controllers make decisions about processing activities. Here at Grace Natural Pet Foods, we take our role as the Data Controller very seriously, we protect your data as we protect our own.
- There are many ways you can contact us including by phone 0800 310 1015, email firstname.lastname@example.org and post Grace Natural Pet Foods, Unit E3/E4 The Seedbed Centre, Wyncolls Road, Colchester Essex CO4 9HT.
WHAT IS PERSONAL DATA
Personal data is any kind of information that can identify a living individual, either directly or indirectly. Personal data includes names, e-mail addresses, home/billing addresses, location data, and online identifiers such as IP-addresses, search, and browser history.
INFORMATION COLLECTED BY GRACE NATURAL PET FOODS
Information is used for promotional purposes, they may include, your name, address, e-mail address and phone numbers. They will NEVER contain any payment details, we have no access to payment details.
Occasionally we may collect information for promotional purposes and online marketing. Grace Natural Pet Foods may share data it collects with various third parties, partners, site sponsors, or sites with links to our site. Additionally, you may choose not to receive any further correspondence from us or from our affiliates, by simply opting out. It is important to note that any information you do furnish us with is deleted from our database after its purposeful use. Information collected about you may be used for the following purposes:
- Improving our website service and your account
- Providing products or services you have requested or may be of interest
- Fraud Prevention and Detection
- Billing, order fulfilment and order tracking
- Product and Sales statistics
PROCESSING YOUR DATA
We may periodically send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided.
Complying with our legal obligations, our system will help us identify when a card is repeatedly declined, and the delivery address associated with the declining payment. Our payment provider system is designed to detect and prevent fraud.
Any information gathered is to the best of our knowledge collected lawfully and fairly through our website, all information is assumed accurate and up to date and only information which is adequate and not excessive to our purpose is obtained.
You can visit our website without offering any information about yourself. In those cases, our web servers collect the name of the domain you used to access the Internet (such as "google.com") and the website you came from and visit next. This information is used by us and others with whom we have business relationships to measure the number of visits, average time spent, page views, and other statistics about visitors to our website. We also use this data to monitor site performance and to make the site easier and more convenient for you to use.
We may contact you by email or phone about our products, services, and promotions but only if you have asked us to do so, you can opt out at any time.
We may disclose your personal data to:
- Our agents and service providers e.g., providers of web hosting or maintenance services
- Credit reference agents
- Law enforcement agencies in connection with any investigation to help prevent unlawful activity.
We may monitor and record communications with you (such as telephone conversations and emails) for the purpose of quality assurance, training, fraud prevention and compliance.
We will not retain your personal data for longer than is reasonably necessary at the end of the retention period we will securely destroy or delete it from our records. All data records that have not been updated in 12 months will be deleted
If you give us information on behalf of someone else, you confirm that the other person has appointed you to act on their behalf.
THIRD PARTY DATA PRIVACY
We will never pass your data on to unauthorised third parties. We have contractual agreements with all external providers. Our main 3rd party service providers (Square) & (Big Commerce) are based in other countries (USA). They have the necessary certification for the US-European data protection convention ‘Privacy Shield’ and therefore ensure compliance with EU data protection levels.
HOW TO CONTACT OUR THIRD PARTIES
FAO: Data Protection Officer.
If you have any questions or concerns regarding Squareup privacy notice, or applicable laws relating to the protection of your personal information have not been respected, you may file a complaint with their privacy team listed above. They will respond to let you know when you can expect a further response. They may request additional details from you regarding your concerns and may need to engage or consult with other parties to investigate and address your issue. They may keep records of your request and any resolution.
As an ecommerce platform, BigCommerce is compliant with GDPR. If you have any questions or concerns regarding BigCommerce privacy notice, or applicable laws relating to the protection of your personal information have not been respected, you may file a complaint with their privacy team email@example.com
They will respond to let you know when you can expect a further response. They may request additional details from you regarding your concerns and may need to engage or consult with other parties to investigate and address your issue. They may keep records of your request and any resolution.
Big Commerce does NOT hold any Payment data, payments are controlled solely by Square & Paypal.
If your request or concern is not satisfactorily resolved, you can contact your local data protection authority (see http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.html).
To ensure the safe tracking and delivery of the order Grace Natural Pet Foods will share the customer details with DPD. This forms part of the customers contract with Grace Natural Pet Foods.
When you submit your information to Grace Natural Pet Foods, whether it be your name, address, or payment information, we do our utmost to ensure that information is protected against loss, misuse, alteration, destruction, or unauthorised access.
Encryption can be used after your data has left your internal system. Encryption renders your data unreadable using a mathematical formula known as the key. Your data is turned back into readable form, i.e., deciphered, by applying the correct key. Grace Natural Pet Foods keeps information collected secure by using a key encryption service.
Due to the nature of eCommerce, there is always a remote danger of information interception no matter what barriers are in place, we suggest that if you are still concerned with security, or unsure of the implications of transacting data online, you may contact us for an alternative method of communication and payment. Payment details are encrypted using SSL technology
YOUR DATA – YOUR RIGHTS
You have the right to information about what personal data we process, how and on what basis as set out in this policy.
- Right of access: Right to rectification:
- You have the right to ask us for copies of your personal information
- You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- Right to erasure:
- You have the right to ask us to erase your personal information.
- Right to restriction of processing:
- You have the right to ask us to restrict the processing of your information.
- Right to object to processing:
- You have the right to object to processing.
- Right to data portability:
- This only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organisation to another or give it to you.
- Right of Notification:
- You have the right to be notified of a data security breach of your personal data.
- Right to Complain:
- You have the right to complain to the information commissioner. Full contact details can be found on the information commissioner’s office website (www.ico.org.uk). That website has further information on your rights and our obligations.
WHAT IS A COOKIE
A cookie is a small file which is placed onto your computer or any other electronic device when you access our website. Cookie technology helps us track various activity on the site including which pages you visit, how many times you visit, how long you spend visiting, and how to recognise you as a 'user' to best enhance your experience with us. Cookies cannot obtain personally identifiable information such as your e-mail address, or any other information stored on your hard drive. Cookies are pieces of data normally stored by your browser, and you can quite easily prevent cookie data from being sent by adjusting your browser settings.
- Track items stored in your shopping basket and through the checkout process
- Recognise when you visit this website aiding the logon process
- Make your online experience more effective and quicker
- Help improve our services, products and to help us better understand your requirements and interests
We may obtain information about your computer [or other electronic device] such as your IP address or other internet log information, this does not usually identify you personally. In certain circumstances we may collect personal information about you – but only where you voluntarily provide it by completing an online form or where you purchase goods or services from us.
3rd PARTY COOKIES
We work with third-party suppliers who may also set cookies on our website, for example Facebook, Twitter, Instagram which we use to display video content. These 3rd party suppliers are responsible for their cookies they set on our site. If you want further information about these 3rd party cookies, please go to the website of the relevant third party.