Introduction
This policy sets out what we do with your data, and also applies to any in-store orders placed.
You should carefully read this before agreeing and are welcome to contact us if you have any further questions.
Who we are?
We operate from our company’s registered address, 274 Gloucester Road BS7 8PB
What information do we collect?
Your name, address, email address, contact number and all web-based registration information.
Your payment method provider will send us payment confirmation, which may include (partial) payment details from your chosen payment method.
Specific requests you make of us, such as powder preference.
How do we use personal information?
- personalisation of content, business information or user experience
- account set up and administration
- delivering marketing and events communication
- internal research and development purposes
- providing goods and services
- legal obligations (eg prevention of fraud)
- meeting internal audit requirements
What legal basis do we have for processing your personal data?
We process this information based on your express and/or implied consent, and by virtue of the fact that you enter into a contract with us when opting to avail of our services.
We are legally obliged to maintain records for up to 7 years and will accordingly retain all necessary information to comply with any relevant legislation.
You may contact us to withdraw your consent, and we will take all possible steps to comply.
When do we share personal data?
We share your data only when it is necessary to process your order or query. So, we’ll share your information with our Point of Sale Software, our payment processor gateway, and with our marketing tools to allow us to create tailored promotions.
At all possible stages we’ll exchange only the minimum information we are able.
Wherever possible your data is encrypted and stored securely.
Where do we store and process personal data?
Your data will be stored outside the UK via our Point of Sale Software, which is end-to-end encrypted. This means that the data is securely stored in a way that prevents anyone else from accessing it.
How do we secure personal data?
Your data is secured by being encrypted wherever possible, with access limited only to those employees that require it.
For example, these are measures:
- to protect data against accidental loss
- to prevent unauthorised access, use, destruction or disclosure
- to ensure business continuity and disaster recovery
- to restrict access to personal information
- to conduct privacy impact assessments in accordance with the law and your business policies
- to train staff and contractors on data security
- to manage third party risks, through use of contracts and security reviews
How long do we keep your personal data for?
We will store your data as long as is needed to comply with all relevant legislation (such as company record keeping).
Your rights in relation to personal data
You may contact us to see the information we hold for you, to amend or correct errors, or to lodge a complaint.
You may contact us to facilitate any of the above. We will comply with any reasonable request, unless in so doing we put at risk the data of another subject, or to do so would be unreasonable or likely to lead to us being in violation of other legislation.
How to contact us?
By post, email, phone or in person.
Use of cookies and other technologies
We use cookies and other technologies to make your experience smoother and to allow us to continue to provide the best possible service to all our customers.