Here, we want to talk to you about how we collect and process your personal data when you are using our websites https://kerrieleather.co.uk/.
We trade as Kerrie Leather Limited, a company based in the United Kingdom. We are responsible as a “Data Controller” of your personal information for the purposes of the General Data Protection Regulation (GDPR) which applies across the European Union. We are currently exempt from registration with ICO on the Data Protection Register.
Your personal data is important and we need to set out how we intend to comply with our legal obligations when it comes to using, collecting and being responsible for it. You can of course read all about us on our Site but if you’re not comfortable with our approach to your personal data then it may be that you don’t wish to use our Site and that’s absolutely ok too. So have a read through and see if it is for you. If so, we look forward to building a relationship with you and if not then we are always ready to hear from you with suggestions or comments to make you more comfortable.
|Highlights: We only use your data to improve your experience with us and to help and benefit you. Simple: We’ll do our very best to talk straight, answer your questions, take away your stress.
Junk-free: Aside from the fact we hate junk and crave a simpler world, we put the power in your hands to choose what and how we speak to you.
Safety first: We take privacy and data protection very seriously. Protected 24/7.
Age of consent: when you provide us with any information, you warrant to us that you are over 13 years of age.
OUR COMMITMENTS TO YOU
Let’s start here.
“Personal data” is any information capable of identifying an individual, for example: your name, address, phone number and email address. This wouldn’t include anonymised data where any parts which could identify you have been removed.
We provide personalised services to you and your business, which is very important to us. We cherish and take very seriously our personal relationship with you. That includes the personal information that you share with us and the trust you place in that.
We collect and handle personal data every day, but with the key purpose of helping and serving you to rip up that rulebook and develop your strategy to build your business in your way.
Here are the promises we make to you in that regard.
- We promise…. to be completely transparent about the information we collect, and why we may collect it. This policy is here to help you understand what information about you we collect, how we use it, how long we keep it for, and reassure you that we protect it.
- We promise…. to only use it for the specific purposes we told you that we needed it for. We will not use it for any other purposes, unless we obtain your specific permission, or we are required by law or to fulfil a legal obligation. We won’t collect more information than we need for the service or product or information you ask us for.
- We promise…. to check it and make sure its accurate and keep it up to date. If you spot a mistake, then you can write to us and tell us and we’ll update it. And obviously, if you change your details then let us know.
- We promise…. that we won’t keep that information any longer than it is needed. The length of time varies depending the information and the reason we use or keep it. We’ll explain this below.
- We promise…. to protect your information and your privacy. Safety and security is a priority for us in all areas, not just this one.
- We promise…. to explain your Privacy Rights and how you can exercise them
- We promise…. to respond quickly to any questions or concerns which you raise with us.
Above all, we promise….to respect your privacy and your information and treat it as if it were our own. We will treat you and your information lawfully and fairly.
OUR ‘LEGAL BASIS’
You have certain rights by law – legal rights that the Information Commissioning Office (www.ico.gov.uk) will help you to enforce if you need to at any time.
Here’s a list to help you understand what your specific rights are.
- Right to access your information at any time. Just write to us and we’ll respond quickly and efficiently.
- Right to stop receiving emails, correspondence, notifications or messages from us. We will always give you an “opt-out” option and you can unsubscribe at any time.
- Right not to be profiled for marketing purposes. You can ask at any time for us to stop doing this.
- Right to prevent processing of your information. By which we mean you can ask us to just hold onto your information in case you need it in the future, but not to process it in any way.
- Right to be forgotten. You can ask us to erase and delete permanently your information, and although there are some bits we need to keep by law we will honour this request happily.
- Right to portability. You can ask us to transfer your information to another organisation. Just let us know what to include and who you want to send it to, and we can. It’s yours, remember, we’re just here to help.
- Right to make a complaint. The regulating body is the Information Commissioner’s Office (www.ico.gov.uk) and they are there to help you on all things data-related. You can find a complaint form on their website. They will probably ask you to give us an opportunity to sort it out for you first, and we would of course welcome that chance. We hope you know we would never have intentionally done something wrong.
Should you send us any requests to use those rights we commit to coming back to you quickly. It will definitely be no longer than a month because that’s what the law says we must do. It may be a lot quicker than depending upon what you need. If you feel it’s really urgent then email firstname.lastname@example.org who is our Data Protection Officer.
QUESTION AND RESPONSE
This section is to help you. You don’t have to read it if you don’t want to, of course. But the law says that we MUST tell you these things, so you are informed as our customer or potential customer. We’ve made it as simple and helpful as we can.
YOU: “HOW DO YOU COLLECT PERSONAL INFORMATION FROM OR ABOUT ME?”
Us: We may collect information about you in the following ways:
- when you purchase a product or service from us you may have to provide the information (and if you choose not to, we may not be able to finalise the contract with you and of course we’ll tell you that and we can decide what to do);
- when we exchange details in person;
- when you contact us on the telephone, by email, or by filling in a form on our website or social media pages;
- if you are referred to us by a friendly advocate of our service;
- we may receive data from public sources such as Companies House or electoral records in the UK or EU;
- and obviously when you become a customer to us and we do great work with you, then we will collect more information than when you’re just browsing. This information may be collected during our meetings together or when you send us documents or share in our online resources.
YOU: “WHAT INFORMATION DO YOU COLLECT ABOUT ME?”
Us: The information we collect may include:
- Your name (and possibly job title);
- Contact information such as email address, phone number, correspondence address;
- Demographic information such as postcode, lifestyle interests, business pursuits. This might include your needs, interests, preferences and you’ll always be invited to share this, not forced. It’s your choice. This will usually be through surveys, research projects, offers or questionnaires;
- Photographic evidence and video footage (this is only if you attend one of our events and you’ll have given specific consent for this);
- As a customer, we will need to collect financial information for the transaction, and sometimes your signature on contracts or other personal data in the context of our work together and as we safely operate our business in accordance with the law.
YOU: AND HOW DO YOU USE THE INFORMATION?
Us: We may use information held about you in the following ways:
- To respond to you if you contact us for help or a query;
- To fulfil our contractual obligations to you when you’ve bought from us;
- To send you valuable information which we think you’ll enjoy and like relating to our services, events, what we’re up to, how you can connect with us. But ONLY if you consent to this and if you ask us to stop then we will.
- To make sure that our websites are helpful and attractive for you and working effectively for your computer and devices and so we can meet the preferences and interests that you’ve told us about;
- To allow you to engage properly with our websites and online services, so you can be interactive with us when you choose to do so.
- To tell you if we make important changes to our service.
- Generally, we only use it for purposes which we need to – to protect ours and your interests and prevent illegal activity and make sure that what we offer and do in the world is safe and secure.
YOU: WHO DO YOU SHARE IT WITH AND WHO HAS ACCESS TO IT?
Us: We only share it when there’s a genuine need. This may be when you ask us to, or if we need to do so in line with a service we’re providing for you and you’ve given us express permission. We may have to share it with companies in our group who provide services to us, or to service providers who provide IT and system administration services in order to make sure all our technology is linked and working properly. This will be done in accordance with the appropriate legal standards and requirements.
We will of course have to share personal information with law enforcement or other authorities if required by an applicable law.
But otherwise, we do not and will not share your personal information with any other third party for marketing purposes. We definitely won’t ever be selling your information on to any third parties because that’s just not what we do.
YOU: WHERE DO YOU STORE AND PROCESS THE INFORMATION?
Us: We use computer systems to help us to safely store and process the information. Because these are provided by third parties it is possible that some of your information is stored and processed overseas and in particular outside of the European Economic Area (EEA). Transfers like this are prohibited unless certain standards are met. As a result, we do our best to ensure that the same level of security of data is in place by ensuring at least one of the following required safeguards is implemented:
- the country to which your personal data is proposed to be transferred having been deemed by the European Commission to provide an adequate level of protection for personal data; or
- the use of certification mechanisms approved by the European Commission, specific contracts or codes of conduct which give personal data the same protection it has in Europe; or
- in the case of third parties based in the US, where they are part of the EU-US Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.
Please email us at email@example.com if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
If none of the above safeguards is available, we may instead request your explicit consent to the specific transfer. You will have the right to withdraw this consent at any time.
YOU: HOW DO YOU PROTECT AND SECURE IT?
Us: We use up to date security measures in line with latest technology, which may include encryption, security certificates, access controls, procedures and policies within our business, and taking steps to mitigate any potential security risks and monitoring/testing our systems on a regular basis. We also anonymise data where we can so it’s not identifiable. We seek expert advice and help on this wherever necessary because we want to make sure we’re always doing the right thing.
YOU: HOW LONG DO YOU KEEP MY INFORMATION?
Us: The short answer to this is only as long as necessary or where relevant to your relationship with us or our obligations under the law. If you transact with us we have to keep certain information for 6 years (this includes Contract, Identity, Financial and Transaction Data) after you stop being a customer.
We respect your confidentiality and whilst you are engaged with us and are happy you want to be in contact with us. We won’t stay in touch where you don’t want us to (obviously) and so take a look back at the “Rights” we’ve set out above and remember they are there to help and protect you.
YOU: WHY DO YOU COLLECT AND USE MY INFORMATION IN THE WAYS YOU’VE DESCRIBED?
Us: In the main it’s because we’re here to help you and we believe you like us and want to be connected with us. It may be because:
- You specifically gave us your permission (your “consent”)
- We had to seek your consent for certain to add cookies to your device;
- We needed to use your information to run our business successfully (the law calls this “legitimate interests”) but we will only do this when we’re happy that there is little or no risk to you and your personal information. Of course, we want you to know about us and the services we provide because they may be exactly what you need! But we’ve also made it easy for you to stop receiving that type of information at any time (by unsubscribing or opting out)
- We had to collect the information to deliver the contract to you or to comply with a law or legal obligation. In this case, we are allowed to do so, as long as we only then use it for that purpose.
For those of you who love the detail, we’ve got a super table for you below. This summarises the categories of data we may collect and also explains to you why we collect it and the lawful grounds upon which we do so.
|CATEGORY OF DATA||EXAMPLES||LAWFUL GROUNDS|
|Communication Data||Pretty much any communication that you send to us. For example, via the contact form on our website, an email, a text, any social media messaging, or any social media posting.||We process this data for the purposes of communicating with you, for record keeping and for the establishment, pursuance or defence of legal claims. Our lawful ground for this processing is our legitimate interests which in this case are to reply to communications sent to us, to keep records and to establish, pursue or defend legal claims.|
|Customer Data||This includes data relating to any purchases of goods and/or services such as your name, title, billing address, delivery address email address, phone number, contact details, purchase details and your card details.||We process this data to supply the goods and/or services you have purchased and to keep records of such transactions. Our lawful ground for this processing is the performance of a contract between you and us and/or taking steps at your request to enter into such a contract.|
|User Data||This includes data about how you use our Site and any online services together with any data that you post for publication on our Site or through other online services.||Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our Site and our business. We process this data to operate our Site and ensure relevant content is provided to you, to ensure the security of our website, to maintain back- ups of our Site and/or databases and to enable publication and administration of our website, other online services and business.|
|Technical Data||This is data about your actual use of our Site and other online services. It might include your IP address, your login data, details about your browser, length of visit to pages on our Site, page views and navigation paths, details about the number of times you use our Site, time zone settings and other technology on the devices you use to access our Site. The source of this data is from our analytics tracking system.||We process this data to analyse your use of our Site and other online services, to administer and protect our business and Site, to deliver relevant Site content and advertisements to you and to understand the effectiveness of our advertising. Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our Site and our business and to grow our business and to decide our marketing strategy.|
|Marketing Data||This could include data whether you agree to receive marketing from us (and our third parties) and your communication preferences. We process this data to enable you to partake in our promotions such as competitions, prize draws and free give-aways, to deliver relevant Site content and advertisements to you and measure or understand the effectiveness of our communications and advertising.||Our lawful ground for this processing is our legitimate interests, for example in order to evolve and improve our services we like to study how customers use our products/services, and this helps us to expand and develop them, to grow our business and to decide our marketing and commercial strategy.|
YOU: WHAT ABOUT SENSITIVE DATA?
Us: The legal definition of “sensitive data” refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any Sensitive Data about you.
Nor we do not collect any information about criminal convictions and offences.
We would require your explicit consent for processing sensitive data, so if our position on this changed in the future we would send you a further communication asking for you to confirm your specific consent to this type of processing.
YOU: AND WHAT ABOUT COOKIES? WHAT ARE THEY AND WHY DO I CARE?
For further information on cookies generally visit www.aboutcookies.org or www.allaboutcookies.org.
YOU: OK, I THINK YOU’VE ANSWERED ALL MY QUESTIONS
We hope that you’re reassured that we take our obligations around privacy, processing, storage and protection of information seriously. Any questions or feedback drop us a note at firstname.lastname@example.org . We regularly review this policy and also the ways we collect information. We’d love to hear from you!