We understand that privacy and the security of your personal information is extremely important. As such this policy sets out how we use your information and what we do to keep it secure.
It also explains where and how we collect your personal information, as well as your rights over any personal information we hold about you.
This policy applies where we are acting as a data controller with respect to the personal data that you provide to us via our website.
Our website has privacy controls which affect how we will process your personal data. By using the privacy controls, you can set our direct marketing communications that you receive from us. You can access the privacy controls via ‘My Account’ under Communication Setting.
2. How we use your personal data
We may process data about your use of our website (“website data”). The website data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths. The source of the website data is Google Analytics. This website data may be processed for the purposes of analysing the use of the website. The legal basis for this processing is our legitimate interests, namely monitoring and improving our website.
We may process your account data (“account data”). The account data includes your name and email address. The source of the account data is provided by you, when you create an online account via our website. The account data may be processed for the purposes of operating our website, providing our services and communicating with you. The legal basis for this processing is consent.
We may process your order data that are provided in placing of an order on our website (“order data”). The order data may include Billing and Shipping postal address, and contact telephone numbers. The source of the order data is you. The order data may be processed for the purposes of operating our website, providing our services, and communicating with you. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.
We may process information contained in any enquiry you submit to us regarding goods and/or services (“enquiry data”). The enquiry data may be processed for the purposes of offering, marketing and selling relevant goods and/or services to you. The legal basis for this processing is consent.
We may process information that you provide to us for the purpose of email notifications (“notification data”). The notification data may be processed for the purposes of sending you the relevant notifications. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.
We may process information relating to transactions, including purchases of goods and services that you enter into with us and/or through our website (“transaction data”). The transaction data may include your contact details, your card details and the transaction details. The transaction data may be processed for the purpose of supplying the purchased goods and services and keeping proper records of those transactions. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract and our legitimate interests, namely our interest in the proper administration of our website and business.
We do not store credit card details, nor do we share customer financial details with any 3rd parties
3. What information do we collect?
We collect information from you when you register on the site, place an order, enter a contest or sweepstakes, respond to a survey or communication such as e-mail, or participate in another site feature. When ordering or registering, we may ask you for your name, e-mail address, mailing address, phone number. You may, however, visit our site anonymously. We do not retain or store your credit/debit card details or other sensitive information on our servers.
We also collect information about gift recipients so that we can fulfil the gift purchase. The information we collect about gift recipients is not used for marketing purposes.
Like many websites, we use “cookies” to enhance your experience and gather information about visitors and visits to our websites. Please refer to the “Do we use “cookies”?” section below for information about cookies and how we use them.
4. Providing your personal data to others
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so.
We may disclose your personal data to any member of our group of companies (this means our subsidiaries, our ultimate holding company and all its subsidiaries) insofar as reasonably necessary for the purposes, and on the legal bases, set out in this policy.
We may sometimes contract with third parties to supply products and services to you on Our behalf. These may include payment processing, delivery of goods, search engine facilities, advertising, and marketing. In some cases, the third parties may require access to some or all of your data. Where any of your data is required for such a purpose, We will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, Our obligations, and the obligations of the third party under the law.
Whilst placing an order with us via our website, you are redirected to our payment processing partners, Shopify Payment, Google Pay, Apple Pay. By providing your personal data on these payment portal, you are consenting to the payment gateway to process your data to complete the order process.
We use different postal services, to get your order delivered to you. For us to be able to do this we will need to provide them with name, postal address and a contact telephone number to fulfil getting your order to you.
Here is a list of our postal partners:
- Royal Mail - https://www.royalmail.com/privacy-policy
- Whistl - https://www.whistl.co.uk/privacy-website
If required to by law, under any code of practice by which we are bound, or we are asked to do so by a public or regulatory authority such as the Police or the Department for Work and Pensions.
5. International transfers of your personal data
The data that we collect from you may be transferred to, and stored at, a destination outside of the European Economic Area (EEA). Staff who work outside of the EEA may also be involved in processing your order and payment details as well as providing you with support services. If you do register for our site, you agree to the transfer, storing or processing of data in this way. We will take all reasonable steps necessary to make sure that your data is treated securely in line with this privacy statement.
The hosting facilities for our website are situated within a UK data centre. The server is also backup, which is located in data centre in Germany.
We take security seriously and we take precautions to keep your personal information secure. We have put in place appropriate physical, electronic and managerial procedures to safeguard the information we collect. However, due to the open communication nature of the Internet, we cannot guarantee that communications between you and us, or information stored on our servers, will be free from unauthorised access by third parties.
We will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
7. Retaining and deleting personal data
Personal data that we collect and process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
With active accounts it is impossible to specify in advance the periods that your personal data will be retained for. The period of retention of personal data will be determined based on an account being active.
8. Your Rights
As a data subject, you have the following rights under the GDPR, which this Policy and Our use of personal data have been designed to uphold:
- The right to be informed about Our collection and use of personal data
- The right of access to the personal data We hold about you;
- The right to rectification if any personal data We hold about you is inaccurate or incomplete (please contact Us using the details in contact us section below)
- The right to be forgotten – i.e. the right to ask Us to delete any personal data We hold about you (We only hold your personal data for a limited time, as explained but if you would like Us to delete it sooner, please contact Us using the details in the contact us section below)
- The right to restrict (i.e. prevent) the processing of your personal data
- The right to data portability (obtaining a copy of your personal data to re-use with another service or organisation)
- The right to object to Us using your personal data for particular purposes; and
- Rights with respect to automated decision making and profiling.
- If you have any cause for complaint about Our use of your personal data, please contact Us using the details provided in contact us section below and We will do Our best to solve the problem for you. If We are unable to help, you also have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office.
For further information about your rights, please contact the Information Commissioner’s Office or your local Citizens Advice Bureau.
Your Right to Withhold Information
You may access Our Site without providing any data at all. However, to use all features and functions available on Our Site you may be required to submit or allow for the collection of certain data.
How Can You Access Your Data?
You have the right to ask for a copy of any of your personal data held by Us (where such data is held). Under the GDPR, no fee is payable and We will provide any and all information in response to your request free of charge. Please contact Us for more details.
9. About Cookies
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
10. Cookies we use
11. Managing Cookies
Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via about cookies website.
For further information visit www.aboutcookies.org or www.allaboutcookies.org.
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However in a few cases some of our website features may not function as a result.
Most web browsers allow you to manage cookies, and will have cookies enabled by default.
You can read this guide on how to turn all or some cookies on or off in some of the most common browsers. http://www.aboutcookies.org.uk/managing-cookies
Visit the Network Advertising Initiative website to opt out of certain advertising cookies.
Blocking all cookies will have a negative impact upon the usability of many websites, If you block cookies, you will not be able to use all the features on our website.
12. Third Party Links
In an attempt to provide you with increased value, we may include third party links on our site. These linked sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these linked sites (including if a specific link does not work).
13. Changes to our policy
We may notify you of changes to this policy by our website when you access your account with us.
Policy changes will apply only to information collected after the date of the change. This policy was last modified on 19th March 2023.
14. Questions and feedback
We welcome your questions, comments, and concerns about privacy. Please send us any and all feedback pertaining to privacy, or any other issue.
15. Our Details
This website is owned and operated by Heathside Trading Ltd.
We are registered in England and Wales under registration number 05643603, and our registered office is at Unit 6, Walker Park, Guide, Blackburn, Lancashire, England, BB1 2QE
You can contact us:
By post - Unit 6, Walker Park, Guide, Blackburn, Lancashire, England, BB1 2QE
By email – email@example.com
16. Data protection officer
Our data protection officer’s contact details are:
Unit 6, Walker Park, Guide, Blackburn, Lancashire, England, BB1 2QE firstname.lastname@example.org