At Out of Eden Limited, we are committed to protecting and respecting your privacy whenever we collect, process or store personal information about you. The General Data Protection Regulation (GDPR) becoming law on 25 May 2018 sets out the privacy rights for individuals and provides a strict framework within which commercial organisations can legally operate. This new law won’t alter how we use information about you, but it will make it easier for you to know your many rights regarding your personal data.
WHAT INFORMATION DO WE COLLECT ABOUT YOU?
We obtain information directly from you when you order products from us, register for an online account, sign up for our electronic communications or ask to receive our catalogues. This information may include your name, gender, date of birth, billing/delivery address, order history, email and telephone number. We may also keep a record of information shared with us if you contact us by post or telephone and if you voluntarily choose to complete customer surveys, provide us with feedback or participate in our prize draws and competitions.
HOW DO WE USE THE INFORMATION WE COLLECT FROM YOU?
Most of the information we collect about you is to comply with our contractual obligations to you. Collecting your personal data during checkout when you buy from us using our website or by phone helps us to fulfil any orders you place with us, keep you informed about your order status, maintain, update and safeguard your account and respond efficiently to any future queries, refund requests or complaints you may have.
In addition, we may use information gathered when you place an order, sign up for electronic communications, browse our website or choose to receive our catalogues to provide you with information about products or services which we feel may interest you. This information allows us to meet our legitimate interests as a business in understanding you better and providing you with the highest levels of service. It tells us what products to talk to you about and stops us from wasting your time unnecessarily with offers and promotions that are unlikely to be of interest.
Information about your internet connection and browser, such as your IP address and the country and telephone code where your computer is located, is used to deliver the best possible web experience to you. It also lets us protect you – for example, by helping us to identify possible fraudulent logins from unexpected locations. Information such as this is stored as anonymised statistical data about our users’ browsing actions and patterns, and will not identify you as an individual.
DO WE SHARE INFORMATION ABOUT YOU WITH ANY OTHER PARTIES?
We share your data with trusted third parties employed by us or our suppliers in countries within or outside the European Economic Area to meet our contractual obligations to you in terms of processing your orders. These include the designated parcel carriers who dispatch your order and the designated payment providers who help us process payments, prevent fraudulent transactions and reduce credit risk. We also share your information with IT companies who support our website and other business systems. You can rest assured that we provide these third parties only the information they need to perform their specific services. They will only use your data for the exact purposes we specify in our contract with them and we work closely with them to ensure that your privacy is respected and protected at all times. We also ensure that if we stop using their services, any of your data held by them will either be deleted or rendered anonymous.
We will also share your information with regulatory authorities such as HMRC to comply with any legal obligations (statutory and regulatory obligations) when required to do so relating to business generally, for example tax, bribery and fraud/crime prevention legislation.
HOW LONG WILL WE KEEP YOUR PERSONAL DATA?
We keep your data for as long as is necessary for the purpose for which it was collected, and in line with any legal, statutory and regulatory obligations which we are required to meet as a business. For example, if your order included a warranty, the associated personal data will be kept until the end of the warranty period. In addition, personal information gathered to fulfill an order will be retained for seven years in order to comply with our legal and contractual obligations. At the end of the retention period, your data will either be deleted completely or anonymised (for example by aggregation with other data) so that it can be used in a non-identifiable way for statistical analysis and business planning.
As you’d expect, we reassess our need to use your personal information on a regular basis and dispose of information which is no longer required. Should an account that you have set up with us remain inactive for three years, it will be deemed inactive and we will close it. Thereafter, any personal data associated with it will be anonymised.
HOW WILL WE KEEP IN TOUCH WITH YOU?
We will use your personal data and details of your transactions to contact you by electronic means (e-mail) or by post with our latest news, products and services (including tailored special offers, discounts, promotions, events and competitions) on the basis of our legitimate business interests.
Of course, you are free to opt out of receiving our marketing communications at any time. You can do this by simply emailing our Sales team on email@example.com, or writing to us at Out of Eden Limited, Home Farm Buildings, Kirkby Stephen, Cumbria CA17 4AP. You can also opt-out of future marketing communications by updating the settings in your online account if you have one, or clicking on the unsubscribe link that appears in every one of our email newsletters.
HOW DO WE KEEP YOUR PERSONAL DATA SAFE?
We know that data security matters to all our customers. That’s why we treat your data with the utmost care and take all appropriate steps to protect it.
All information you provide to us is stored on our secure servers. Access to your personal data is password-protected, and sensitive data (such as payment card information) is secured by SSL encryption. We secure access to all areas of our websites using ‘https’ technology.
We regularly monitor our system for possible vulnerabilities and attacks, and we carry out testing to identify ways to further strengthen security.
WHAT RIGHTS DO YOU HAVE WITH RESPECT TO PERSONAL DATA HELD BY US?
Your personal data is set to be safer than ever under the new data protection regulations coming into effect on 25 May 2018. These regulations redefine your rights as governed by the lawful basis for processing used at Out of Eden to process your personal data – namely our contractual obligations to you, our legitimate interests as a business, and our legal or statutory obligations under law. Your rights are summarised as follows:
Consent: You may withdraw your consent to our processing of your personal information for a particular purpose at any stage by emailing our sales team at firstname.lastname@example.org or writing to us at Out of Eden Limited, Home Farm Buildings, Kirkby Stephen, Cumbria CA17 4AP. However, please note that we may be obliged to retain your personal information where we have a legal or contractual obligation to do so. Our processing in that respect will be limited to what is necessary in furtherance of those interests or obligations. Withdrawal of consent will not have any effect on the lawfulness of any processing based on consent before its withdrawal.
Access: You have the right to access the personal data we hold about you. To ask for your information please contact our Data Protection Officer, Colin Wheatley by email at email@example.com or by post at Out of Eden Limited, Home Farm Buildings, Kirkby Stephen, Cumbria CA17 4AP. We shall respond promptly within one calendar month from the point of receiving the request and all necessary information to process that request from you.
Rectification: You have the right to correct your personal data when incorrect, out of date or incomplete. To ask for your information to be amended please contact Colin Wheatley by email at firstname.lastname@example.org or by post at Out of Eden Limited, Home Farm Buildings, Kirkby Stephen, Cumbria CA17 4AP.
Object: You have the right to object at any time to the processing of personal data concerning you, including any personal profiling, where we lack compelling legitimate grounds which override your interests, rights and freedoms, unless this relates to processing that is necessary for the fulfillment of our contractual obligations to you or our legal and statutory obligations.
Erasure: You have the right to ask that we erase your personal data from our systems.
HOW CAN YOU CONTACT US?
Last updated: 24th May 2018