Date of last update: 10/01/2021
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. We hope that the following sections will answer any questions that you may have, but if not, please do get in touch with us.
The legal basis for our use of the information
The law on data protection sets out several different reasons for which a company may collect and process your personal data, including:
In specific situations, we can collect and process your data with your consent.
For example, when you tick a box to receive email newsletters, or complete an online enquiry form.
When collecting your personal data, we’ll always make clear which data is necessary in connection with a particular service.
It is necessary to perform a contract to which you are a party to (i.e to process your payment, and to deliver the Goods that you have ordered on our website).
If the law requires us to, we may need to collect and process your data. For example, we can pass on details of people involved in fraud or other criminal activity affecting us to law enforcement.
We may require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business, and which does not materially impact your rights, freedom, or interests.
We may use the data relating to your interest in our services, information, and offerings, in order to personalise further offers, information or services that may be of interest you.
We will also use your contact details to send you direct marketing information by email, telling you about products and services that we think might interest you.
When do we collect and use your data?
There are many ways in which we may collect your data, and this depends on how you engage with us.
Information you give us:
- To carry out our obligations to perform a contract to which you are a party to such as providing you with the information or Goods that you request from us and when you provide billing and payment information to allow us to process an order and deliver the products that you have ordered.
- When you request, and receive, customer support or enquire about our services.
- When you engage with us on social media.
- When you post a comment on or review our services.
- When you create and manage your online account, including access to your purchase history.
- When we communicate about and administer your participation in special events, competitions, surveys, loyalty programmes and other offers.
- To comply with applicable legal requirements, relevant industry standards and our policies.
- We also may use the information in other ways for which we provide specific notice at the time of collection. The information collected is necessary for the purposes set forth above. Without this information, you may not be able to take advantage of some of our products or services.
By engaging with us in the above ways, you agree to the collection and use of information in accordance with this policy.
Information we collect:
When you visit our website/s.
From sources where you have given consent to share information or where the information is made public as a matter of law.
What ‘types’ of data do we collect?
The personal data we hold for you will be limited to your name, email address, telephone number/s and company name.
In the course of us fulfilling our contractual obligations to you as a customer, additional information may be required; including billing/delivery address, and bank details for example, to process a payment and provide delivery of your order.
Details of your interactions with us
We may collect notes from our conversations with you, there may be actions that we need to undertake to fulfil our services to you, such as details of any complaints, testimonials, or other comments you make. We also collect details provided by you when completing a form or submitting an enquiry through our website, in addition to files downloaded, web pages you visit and how and when you contact us. We may also collect your social media username, if you interact with us through those channels, to help us respond to your comments, questions, or feedback.
Details of the topics and services that interest or might interest you
We may collect details of which of our website pages you visited, information you have downloaded, and what services you have used in the past. We’ll only ask for, and use, the data collected for recommending services of interest and to personalise your website and overall customer experience with us.
Technical information that your browser sends
To deliver the best possible web experience, we collect technical information about your internet connection and browser as well as the country and telephone code where your computer is located, the web pages viewed during your visit, the advertisements you clicked on, and any search terms you entered.
What is the purpose of collecting my data?
We have talked about the legal basis that we rely on to collect and process your data earlier in this document. Whilst there will be contractual or legal obligations for doing so, ultimately, it is our aim to provide you with the best possible experience when engaging with us.
We will also use data to monitor the performance of our services to you and others, and the analysis of such data will be used to improve our services, systems and processes and understand your requirements better so that we may personalise our services and marketing of those services to your specific interests and requirements.
If you choose not to share your data with us, then we might not be able to provide some services to you, or to provide the level of service that you would come to expect from us.
Personal data we disclose to third parties
There may be occasions whereby we disclose your data to a third-party organisation. We follow strict guidelines in the storage and disclosure of information that you have given us, to prevent unauthorised access. Reasons for disclosure may be:
Where we are securing the service of a third party to assist in providing a service to you. An example of which includes payment processing, and the provision of shipping/delivery of your purchase.
If, in the event that we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets. Where there is a legal obligation to do so, for example, a court order.
How do we protect your data?
The security of your personal information is extremely important to us but please remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. We use standard commercial software and systems and best practice internal procedures to help us protect your personal information, but we cannot guarantee its absolute security. To help us to protect your data as best as we can we:
- Ensure that the collection and processing of such personal data will be done in accordance with the EU General Data Protection Regulation (GDPR).
- Secure all transactional areas of our website using ‘https’ technology.
- Limit the user access to your personal and sensitive data and use appropriate security layers such as password protection.
- Regularly monitor our systems and processes for any vulnerabilities or attacks and identify ways to enhance our security.
How long will we keep your data?
Whenever we collect or process your personal data, we shall only keep it for as long as is necessary, and only for the purpose for which it was collected, or until you advise us to delete it.
At the end of the retention period, your data will either be deleted completely or anonymised, so that it can be used in a non-identifiable way for statistical analysis and business planning.
If you are a regular ‘customer’, and hold a registered account on our website, then we would expect to store and maintain your personal data for the purpose for which it was provided.
Upon the termination of a contract with us, the ‘type/s’ of data that we hold, will determine the period for which we will be required to keep it.
For example, accounts records must be held for a period of 7 years as required by HMRC before we can delete it.
Any email communications will be stored for a maximum period of 12 months and in the case of the contact form (or other type of form) found on our website/s, after we have serviced your request, your data will be kept for a maximum of two years for analytic purposes or until such time as you advise us to delete it.
What are your rights in relation to the data we hold and process?
You have the right to request:
- Access to the personal data we hold about you, free of charge in most cases.
- The correction of your personal data when incorrect, out of date or incomplete.
- That we stop using your personal data for direct marketing (either through specific channels, or all channels).
- That we stop any consent-based processing of your personal data after you withdraw that consent.
You may contact us to request to exercise these rights at any time as follows:
If you wish to access your information
Please contact The Data Protection Officer, The Wick & Wax Co., 8, Foundry Road, Stamford, PE9 2PY. Alternatively, you may contact us by email at firstname.lastname@example.org.
Following your request for access:
You can request rectification or removal of your data. This can be requested if:
- The personal data is incorrect.
- The personal data is incomplete or not relevant to the specific purpose for which it was collected.
- The personal data is used in violation of the law.
- You wish to exercise your ‘right to erasure’ under the Data Protection Act 2018.
The Wick and Wax Company will answer your request within 30 days.
If we choose not to action your request, we will explain to you the reasons for our refusal.
Your right to withdraw consent
Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent.
Where we rely on our legitimate interest
In cases where we are processing your personal data based on our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.
You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected channels. We must always comply with your request.
Some marketing communications that you receive from us, such as emails containing news updates, offers or other services that you have shown an interest in, will enable you to unsubscribe directly, should you wish. You can do this by clicking the ‘unsubscribe’ link in any email communication that we send you. We will then stop any further emails from that email series.
Checking your identity
If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
Information Commissioner’s Office
If you are not happy with the way we handle your personal information, and we have been unable to resolve any differences between us about the content or application of this policy, you can complain to the Information Commissioner’s Office. See https://ico.org.uk/concerns/.