Last updated 07/09/2021
The data controller for the employment period is Loake. A data controller determines how and why personal data can be processed.
We currently use software tools to ensure all of our contractual obligations to you are met and we are able to fulfil any legal obligations we have.
The Data We Collect
The personal data we may collect from you includes:
• contact details you provide to us by filling in contact forms on the website or any other information submitted to us via the website/e-mail
• records of correspondence, whether via the Website, email, telephone or other means;
• details of the transactions you carry out with us, whether via the Website, telephone or other means
• details of your visits to the Website including, but not limited to, traffic data, location data, weblogs and other communication data
• your responses to surveys or market research that we carry out
Our legal basis for processing your data
1. Your consent
2. Our contractual obligations - to process orders you have raised
3. Our legal obligations - to keep our records
4. Our legitimate interest – We may use the information to improve our products and services and, from time to time, to contact you or market research purposes by email, phone, fax or mail. The acquired information will be used to tailor the website according to your interests. Additionally, we may also send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided, if you have chosen to opt into this.
However, our legitimate interest will never prevail over your interests, fundamental rights or freedoms.
How your personal information is collected
We usually collect your personal information when you enter it into a contract with the company or when accessing our website by using cookies. We might also collect information from third parties.
The collected information may include:
• Previously viewed products
• Browsing patterns
• Traffic data, location data
If you want to delete the cookies already stored or stop tracking your browsing patterns, you can do so by deleting your existing cookies and/or altering your browser’s privacy settings to block cookies (the process you follow will differ from browser to browser). However, please note that deleting our cookies or disabling our future cookies means that you may not be able to access certain areas or features of the Website and will not be able to make a purchase from our site.
Personal information you provide to us will be made available to our Marketing team.
For the purpose of organising successful marketing campaigns, we might share your personal data with trusted third parties that are our contractors. You will be informed if that is the case.
We will also share your data for statistical analysis (it will be anonymised first).
We may also share data with a legal authority (police etc.) if we are required to do so by law – for example, by court order, or to prevent fraud or other crime.
Transferring information outside the EU
We will not transfer your personal data outside the EU without your specific consent, unless required by the Law.
We have put in place measures to protect the security of your information.
Third parties will only process your personal information on our instructions and where they have agreed to treat the information confidentially and to keep it secure.
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we only give access to your personal information to those employees, agents, contractors.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
All data provided to us is fully encrypted and stringent access controls are in place.
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for (having an excellent shopping experience).
This will depend on:
• the amount, nature, and sensitivity of the personal data
• the potential risk of harm from unauthorised use or disclosure of your personal data
• the purposes for which we process it
• whether we can achieve those purposes in other ways
• any lawful obligations we have to adhere to such as HMRC requirements
If, at any time, you want to cease your data retention earlier than the original period, contact our Data Protection Officer under the conditions listed in the next section.
You have the right to:
• request access to your personal information (known as a ‘data subject access request’ or DSAR) - you’ll receive a copy of the personal information we hold about you, so you can check that we are lawfully processing it. It also allows you to request an electronic copy of any data you have provided in a structured, commonly used and machine-readable format
• request that we correct incomplete or inaccurate personal information that we hold about you
• request we delete or remove your personal information - you can do this when there is no good reason for us to keep it - you can ask us to delete or remove your personal information where you have exercised your right to object to processing (see below)
• withdraw your consent for any data processed under the lawful basis of consent (see below)
• object to the processing of your personal information where we are relying on any legal basis other than contract or a lawful obligation
• request we restrict the processing of your personal information - you can ask us to stop processing your personal information, for example if you want us to establish its accuracy or the reason for processing it
To make any of these requests or to ask us to transfer a copy of your personal information to another party, contact our Data Protection Officer.
Accessing Your Data
You will not have to pay a fee to access your personal information or to exercise any of the other rights. However, if your request for access is clearly unfounded or excessive, we may:
• charge a reasonable fee
• refuse the request
We will need some information to confirm your identity. This is to ensure that your personal information is not disclosed to someone who has no right to access it. Typically it will be copies of 2 forms of ID, one photo ID (eg passport) and one proof of address (eg utility bill). These copies will be destroyed after your request is satisfied.
Business Intelligence Analytics
We are committed to ensuring a balance between respecting your privacy rights and protecting our business interests.
We invest in innovation and in security at the same time. Therefore, we use SilverJet as our business intelligence (BI) tool with the scope of improving our business, whilst maintaining a safe environment for your data protection.
The main purposes for using BI are:
• Understanding customers’ needs and preferences
• Acknowledging the regional predilection of our clients
• Planning our campaigns (sales, free delivery day etc.)
• Analysing the efficiency of our services
This is possible under the condition you consent to this process. Unless we have your consent, we cannot provide you with the best online experience and access to our services shall be limited.
Questions and Complaints
If you have any questions about this privacy notice or any concerns about how your personal data has been handled, please contact the Data Protection Officer:
Data Protection Officer
If you have a complaint, you can also contact the Information Commissioner, who is an independent regulator set up to uphold information rights.
Changes to this Privacy Notice
We may change this privacy notice. When we make changes to this notice, the ‘last updated’ date at the top of this page will also change. Any changes to this privacy notice will apply to you and your data immediately. If these changes affect how your personal data is processed, we will take reasonable steps to let you know.