Privacy Policy

 

This Privacy Policy was last updated on 15th April 2020. It is part of our overall Terms and Conditions but is written separately for ease of access and use.

Please ensure that you read our Full terms and Conditions alongside this policy.

The Privacy Policy informs you of our policies regarding the collection, use, storage and disclosure of personal data when you use our business and the choices you have associated with that data.

We use your data to provide and improve how we serve our customers. By using the website and providing us with information, you agree to the collection and use of information in accordance with this policy.

1. WHO WE ARE

Rachael’s Rose is an independently owned family business. It is the trading name of the private partnership of J & A Weclawek and M & G Lee with VAT registration No: 926271129.

Our postal address is 8 Rolle Street, Exmouth EX8 1HE. Our website address is: www.rachaelsrose.co.uk

2. WHAT PERSONAL DATA WE COLLECT AND WHY WE COLLECT IT

As well as information obtained when you use the website, we collect also data about you when you contact us by any means with questions, orders, requests, complaints and when you ask our sales assistants to phone or email with information about a product. Consequently this policy covers any and all methods by which you provide us with data.

Contact forms: When you use the contact form on the website, we will use the information you provided to contact you and address customer enquiries. Unless you sign up for our email bulletin, this information will only be kept and used in relation to the enquiry.

Account holders: When you register for an account, we will ask for your contact details, including email, phone number, residential address and delivery address. You will also have the opportunity to opt into our email bulletin. This is not automatic.

If you have an account and you log in to this website, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

Data relating to purchases: When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and if you set up an account your username and password. We’ll use this information for purposes, such as, to:

  • Send you information about your account and order
  • Respond to your requests, including refunds and complaints
  • Process payments
  • Prevent fraud
  • Set up your account for our store
  • Comply with any legal obligations we have
  • Improve our store range and services

Credit card and payment details are held securely by our external providers. See below for the use of PayPal on the website.

Comments: When visitors leave comments on the website, we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy After approval of your comment, this will be visible to the public.

If you leave a comment on our website you may opt-in to saving your name, address and email through setting up an account. It is not possible to post a comment without an account.

Cookies: Cookies are small files saved to the user’s computer hard drive or device that tracks, saves and stores information about the user’s interactions and usage of the website. Information supplied by cookies enables analysis of the profile of our visitors and so provide visitors with a better experience. These cookies allow us to distinguish you from other users of our website. They do not collect any personal data. Please see our Cookie Policy for further information and how to change the cookie settings.

Embedded content from other websites: Articles on this website may include embedded content such as videos, images and articles. Embedded content from other websites behaves in exactly the same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Non-website data: For customers who order in store or phone or email, limited selected personal data as described in the section on data purchase will be kept.

3. CONSENT

We use a contractual basis for processing data relating to any purchases or for setting up of an account with us. When you provide us with personal information to set up an account, place an order, verify your credit card, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.

We may use legitimate interests to contact you as a customer regarding information about related products that you have recently purchased.

We use consent for subscribing to our email bulletin. We will always ask you directly for your expressed consent by asking you to opt-in. In addition, all subsequent communications will provide the option for you to opt-out. You may withdraw your consent for us to contact you, for the continued collection or use of your data and/or disclosure of your information. This can be done by logging into your account and amending your preferences or by contacting us by email, post or using the contact form on the website.

We use compliance with a legal obligation as the basis for processing any legally required activities.

4. HOW LONG WE RETAIN YOUR DATA

We take reasonable steps to create an accurate record of any personal data you have submitted.

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that set up an account on our website, we also store the personal information provided in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Our website administrators can also see and edit that information.

We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will keep purchase information for 6 years for tax and accounting purposes. This includes your name, email address, billing address and shipping address.

5. WHAT RIGHTS YOU HAVE OVER YOUR DATA

You have the following rights:

  1. The right to be informed
  2. The right of access
  3. The right to rectification
  4. The right to erasure
  5. The right to restrict processing
  6. The right to data portability
  7. The right to object
  8. Rights in relation to automated decision making and profiling.

The law gives you the right to access information held about you. Any access request is normally free of charge but may be subject to a fee.

If you have an account on this website, have left comments or made a purchase, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

6. HOW WE PROTECT YOUR DATA

Sharing your data: We will not share any of your data to any third parties unless we are legally obliged to; or without your permission, or unless indicated in this privacy notice or agreed by you.

We may disclose your personal information to third parties without obtaining further consent from you for the delivery of your purchase. We require these third parties to comply strictly with our instructions and data protection laws and will make sure that appropriate controls are in place.

We may need to pass on information if required by law or by a regulatory body. We may also use IP address information to identify a user if we feel that there are or may be safety and/or security issues or to comply with legal requirements. Reasons for such usage and disclosures include:

  • Complying with a legal obligation or requirement from a law enforcement agency
  • Protecting the rights or property of Rachael’s Rose
  • Preventing or investigating possible cases of suspected fraud or defamation
  • Ensuring the security of any data.

We will not transfer your personal data to countries outside the European Union or the European Economic Area.

Third parties: We will never sell your data to a third party for any purpose, including marketing. We do not collect information indirectly by observation or inference, only what you may choose to provide.

Who on our team has access: Members of our team have access to the information you provide us. For example, Administrators and Shop Managers can access:

  • Order information such as what was purchased, when it was purchased and where it should be sent, and
  • Customer information such as your name, email address, and billing and shipping information.

Authorised team members have access to this information to help us fulfil orders, process refunds and support our service to you.

Security and safety: The security of data is important to us and Rachael’s Rose has security measures in place to protect against the loss, misuse and alteration of personal data under our control. Information is stored by us securely. Only authorised personnel are able to access personal information in accordance with our internal policy, and we ensure access to information is password protected or secured via locked filing cabinets. Financial information you input is encrypted before it is sent to us.

Complaints: If you consider that your data has not been handled correctly, please contact us so that we can seek to rectify the situation. If you are then not satisfied, you have the right to lodge a complaint with the Information Commissioner’s Office. You can contact them by calling 0303 123 1113 or visit www.ico.org.uk. If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in that country.

7. REGULATORY DISCLOSURE IN RELATION TO ORDERS

In this policy, we seek to comply with all our regulatory duties in relation to use of the website and placing orders. The following is a summary of the major matters relating to orders and accounts.

We collect information about you during the checkout process on our website store. While you visit our website, we’ll track:

  • Products you’ve viewed: we’ll use this to show you products you’ve recently viewed
  • Location, IP address and browser type: we’ll use this for analytics and to improve the website
  • Shipping address: we’ll ask you to enter this so if necessary we can estimate shipping before you place an order, and send you the order

We’ll also use cookies to keep track of shopping basket contents while you’re browsing our website.

When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information such as username and password. We’ll use this information for purposes, such as:

  • Sending you information about your account and order
  • Responding to your requests, including refunds and complaints
  • Processing payments
  • Preventing fraud
  • Setting up your account for our store
  • Complying with any legal obligations we have
  • Improving our store range and services

If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.

We will also store comments or reviews, if you choose to leave them.

8. PAYMENTS

We accept website payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information. Please see the PayPal Privacy Policy for more details.

We accept payments at our shops and on the telephone via Worldpay. Our systems do not keep your personal details, other than for those needed to process the transaction. Merchant till receipts are kept securely. We registered and comply with the Safer Payments protection system run by Worldpay and this is updated annually.

9. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. Please look at Privacy Policy regularly to stay informed about our use of data and the measures we take to protect such data. The date of effect is the date at the top of this policy.

The law requires us to provide users with clear and comprehensive information about our policy. If this policy does not answer all your queries, you should contact us via the contact form on this website or by post to Rachael’s Rose, 8 Rolle Street, Exmouth EX8 1HE.