– PRIVACY POLICY & COOKIES –
OVERVIEW
Elizabeth Shaw (“we” or “us”) is committed to data protection and data privacy. This policy (together with our Terms & Conditions and any other documents referred to in them) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.
We are committed to ensuring that your information is secure, accurate and relevant. To prevent unauthorised access or disclosure, we have implemented suitable physical, electronic, and managerial procedures to safeguard and secure personal data we hold.
The Elizabeth Shaw data controller is Elizabeth Shaw Ltd, 1 Glentworth Court, Lime Kiln Close, Stoke Gifford, Bristol, BS34 8SR.
INTRODUCTION
This policy is used to describe how we handle personal information that we hold about users of our website, competition entrants, subscribers, customers and consumers (collectively referred to as “you”). We respect the privacy rights of individuals and are committed to handling personal information responsibly and in accordance with applicable law. This notice sets out the personal data that we collect and process about you, the purposes of the processing and the rights that you have in connection with it.
If you are in any doubt regarding this notice, please contact us.
TYPES OF PERSONAL DATA WE COLLECT
We may process personal data provided by you, including, but not limited to:
- Your name, postal address, email address, phone number and correspondence if you contact us, subscribe to our newsletter, or participate in a survey, contest or promotion.
- Details of your visits to our site, including IP address, traffic data, location data, device information, weblogs, and other communication data.
- The resources that you access, including pages visited, content viewed, links and buttons clicked, URLs visited before and after you use our site. For more information about cookies and how to manage them, please see below.
- Your response to marketing campaigns from us or through our third parties.
- Your social media profile details (name and other information you make available to us) when you contact us through a social media account.
COOKIES
When you visit our website, we collect information about your computer, including (where available and not limited to) items such as your IP address, operating system and browser type, for use in our system administration and to report aggregated information. This is statistical data about our users’ browsing actions and patterns, and will identify you as a unique but anonymous visitor.
For the same reasons, and with your permission, we would like to obtain information about your general internet usage by using third-party cookies (see our list) which would be stored on the hard drive of your computer. They help us to improve our site and to deliver a better and more personalised service. They enable us:
- To estimate our audience size and usage pattern.
- To store information about your preferences, and so allow us to customise our site according to your individual interests.
- To speed up your searches.
- To recognise you when you return to our site.
You may refuse to accept some or all cookies by activating the settings on your browser which allows you to do this. (How to unset or clear cookies in most browsers). Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you visit our site.
PURPOSES FOR PROCESSING PERSONAL DATA
We process personal information for the following business-related purposes:
- To ensure that content from our site is presented to you in the most effective manner for you and your computer.
- To provide you with information, products or services that you request from us or which we feel may interest you, where you have been contacted for such purposes.
- To carry out our obligations arising from any contracts entered into between you and us.
- To allow you to participate in interactive features of our service, when you choose to do so.
- To notify you about changes to our service.
LEGITIMATE BUSINESS PURPOSES
We may also collect and use personal information when it is necessary for other legitimate purposes, such as to help us conduct our business more effectively and efficiently – for example, for general IT security management, accounting purposes or financial planning. We may also process your personal information to investigate violations of law or breaches of our own internal policies.
LEGAL PURPOSES
We may also use your personal data where we consider it necessary for complying with laws and regulations, including collecting and disclosing personal information as required by law, under judicial authorisation, or to exercise or defend our legal rights.
LEGAL BASIS FOR PROCESSING PERSONAL DATA
Our legal basis for collecting and using the personal data described above will depend on the personal data concerned and the way we collect it. We will normally collect personal data from you only where we have your freely given consent to do so, or where the processing is in our legitimate interests and only where this interest is not overridden by your own interests or fundamental rights and freedoms.
Any processing based on consent will be made clear to you at the time of collection or use – consent can be withdrawn at any time by contacting us.
WHO WE SHARE YOUR PERSONAL DATA WITH
Your personal information may be transferred or disclosed to any company within the Group, or subject to appropriate agreement, to third parties, for the processing of that information based on our instructions. We take care to allow access to personal data only to those who require such access to perform their tasks and duties, and to third parties who have a legitimate purpose for accessing it. Whenever we permit a third party to access personal information, we will implement appropriate measures to ensure the data is used in a manner consistent with this notice and that the security and confidentiality of the data is maintained.
TRANSFERS TO THIRD-PARTY SERVICE PROVIDERS
In addition, we make certain personal data available to third parties who provide services to us. We do so on a “need to know basis” and in accordance with applicable data protection and data privacy laws.
For example, some personal data will be available to our trusted partners to process information and provide us with services, including sales, marketing, data analysis, research and surveys.
TRANSFERS TO OTHER THIRD PARTIES
We may also disclose personal data to third parties on other lawful grounds, including:
- To comply with our legal obligations, including where necessary to abide by law, regulation or contract, or to respond to a court order, administrative or judicial process.
- In response to lawful requests by public authorities (including for national security or law enforcement purposes).
- As necessary to establish, exercise or defend against potential, threatened or actual litigation.
- Where necessary to protect the vital interests of our employees or another person.
- In connection with the sale, assignment or other transfer of all or part of our business; or
- With your freely given and explicit consent.
TRANSFER OF PERSONAL DATA ABROAD
We may need to transfer personal data to countries outside of the United Kingdom. When we export your personal data to a different country, we will take steps to ensure that such data exports comply with applicable laws. For example, if we transfer personal data outside the European Economic Area (EEA), such as to the United States, we will implement an appropriate data export solution such as entering into contracts with the data importer that contain EU model clauses or taking other measures to provide an adequate level of data protection.
DATA RETENTION
Personal data will be stored in accordance with applicable laws and kept for as long as needed to carry out the purposes described in this notice or as otherwise required by law. We will take all necessary steps to ensure that the privacy of information is maintained for the period of retention.
YOUR RIGHTS
You may exercise the rights available to you under data protection law as follows:
- The right to be informed.
- The right of access.
- The right to rectification.
- The right to erasure.
- The right to restrict processing.
- The right to data portability.
- The right to object.
- Rights in relation to automated decision making and profiling.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. You can read more about these rights at: https://ico.org.uk/your-data-matters/
To exercise any of these rights, please contact us.
ISSUES AND COMPLAINTS
We try to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures. This notice was drafted with clarity in mind. It does not provide exhaustive detail of all aspects of our collection and use of personal information. However, we are happy to provide any additional information or explanation needed.
If you want to make a complaint about the way we have processed your personal information, you can contact the Information Commissioner’s Office in their capacity as the statutory body which oversees data protection law – www.ico.org.uk/concerns.
UPDATES TO THIS NOTICE
This notice may be updated periodically to reflect any necessary changes in our privacy practices. In such cases, we will inform you by email. We encourage you to check this notice periodically to be aware of the most recent version.
Please address any questions or requests relating to this notice to us by email to consumerenquiries@elizabethshaw.co.uk or by post to the following address:
Customer Services,
Elizabeth Shaw Ltd,
1 Glentworth Court,
Lime Kiln Close,
Stoke Gifford,
Bristol,
BS34 8SR.