This document explains how we store and handle your data. Also how we use your data to give you the best experience possible while dealing with freepostmagic or any of the brands that we distribute.
Occasionally we may share your data with third parties for example a courier to deliver your order, but we never pass your details on to a third party for marketing purposes.
We abide by the GDPR (General Data Protection Regulation), which gives you rights regarding the personal data we collect and hold. At any time you can ask to see the data we store, update, or remove (where possible) from our system.
It’s likely that we’ll need to update this policy from time to time. We’ll notify you of any significant changes, but you’re welcome to come back and check it whenever you wish.
In specific situations, we can collect and process your data with your consent.
For example: when you tick a box to receive email newsletters.
When we collect data we will make it clear to you that it may be used for marketing and you may unsubscribe at any time.
In certain circumstances, we need your personal data to comply with our contractual obligations.
For example, if you order an item from us we will request your address and this will be passed to our courier.
If the law requires us to, we may pass details of people involved in fraud or other criminal activity to law enforcement.
In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests.
For example we may use your purchase history to offer personalised offers.
We also combine purchase history of our customers to identify trends or develop new products.
We may use your address or email to send direct marketing information telling you about products that we might think are of interest to you.
When do we collect you data?
- When you purchase product from us whether you have an account or not
- When you create an account with us
- When you engage with us on social media
- When you contact us by any means with queries, complaints etc.
- When you ask us to email you information about any of products
- When you enter a prize draw or competition
- When you visit our stand at any exhibition
- When you choose to complete any surveys we send you
- When you comment or review any of our products
- When you fill in any online forms
- When you have given permission to a thirty party to share the information they have stored with us
What sort of personal data do we collect?
- When you purchase product from us whether you have an account or not
- If you have an account with us: name, company/home/delivery address. Orders and receipts, email and telephone number, for your security we also keep an encrypted record of your login password.
- Details of your transactions with us and any purchases, returns etc.
- Details of any conversations, brands you have shown interest in, web pages you visit and how and when you contact us.
- If you have given trade references to set up an account
- Your social media username, if you interact with us through those channels, to help us respond to your queries, comments and feedback.
- We do not store credit card information and we are fully compliant with the latest PCI DSS Information Security guidelines.
How and why do we use your personal data?
We endeavour to give you the best customer service experience. One way to achieve this is to use the data collected to offer the best products possible. Data privacy law allows this as part of legitimate interest in understanding our customers and our business.
Of course if you wish to change how we use your data, you can find details in the What are your rights over your personal data? section.
- Remember if you choose not to share your data or refuse permission for certain forms of contact we may not be able to continue to offer our great service. For example if you have asked to be informed when an item is back in stock, we cannot do that if you have restricted general consent to contact you.
- We will use your personal data to process orders, to share your details with couriers and store those details for a length of time in case of refunds etc. We store your data so that we can respond efficiently to your queries and complaints. Handling the information we have stored, keeping records of previous transactions and communications gives us all the information we need. We do this on the basis of our contractual obligations to you, our legal obligations and our legitimate interests in providing you with the best service and understanding how we can improve our service based on your experience.
- To protect our business and your account from fraud and other illegal activities. For example by checking your username and password when you login to avoid fraudulent log-ins.
- With your consent we will use your personal data, using transaction data to keep you up to date on relevant products, competitions and events.
- To administer any competition or promotion which you will have given consent at the time of entry.
- To test, develop, and improve the systems, services and products we provide. We will do this on the basis of our legitimate business interests.
- To comply with our contractual or legal obligations to share data with law enforcement agencies.
- To send you survey and feedback requests, these messages will not include any promotional content and do not require prior consent. We have a legitimate interest to do so as it helps us to improve our services or products.
- To process a delivery, sharing your details with a third party, for example a courier. To offer the best possible service.
Data and direct marketing.
We want to bring you the offers, promotions and competitions that are best suited to you. We may use your purchase history to aid us in sending you these emails.
How we protect your data
We know how much data security matters to all of our customers and we treat all data with the utmost care. We use all the relevant encryptions and all payment card data is secured by SSL encryption. Our system is regularly monitored with penetration testing to ensure the data is safe.
How long will we hold your personal data for?
Whenever we collect your personal data we will store for as long as necessary for the purpose it was collected for. At the end of that retention period (normally 7 years) you data will be deleted except where collated for statistical analysis or business planning.
Who do we share your data with?
- We sometimes share your data with third parties. i.e. delivery couriers. Our policy is to only provide the information that is necessary for this process, for example name address and phone number. They may only use the data provided for this express purpose. If we stop using their services, any of the data held by them will be deleted.
- Social media but only to respond to queries, or to promote products, events or competitions.
- For fraud management, we may share data with regard to fraudulent or criminal activity to law enforcement agencies. We also may be required to disclose your personal data by law enforcement, regulatory or Government body, in your country of origin or elsewhere upon a valid request to do so. We will always respect the privacy of your data when dealing with these requests.
What are your rights over your personal data?
You have the right to request:
If we choose not to action your request we will explain the reason for the refusal.
Whenever you have given consent to use your personal data, you have the right to change your mind at any time and withdraw your consent.
Where we are processing your data you may ask us to stop where we are using it on the basis of ourlegitimate interest. If we do not we must explain the legitimate overriding reason.
- Access to the personal data we hold about you.
- The correction of your personal data when incorrect, out of date, or incomplete.
- For example, if you withdraw consent, or we have no legitimate interest, or once the purpose for which we held the data has come to an end, i.e. a warranty
- That we stop using your data for any direct marketing.
- You have the ‘right to be forgotten’, asking that your data be deleted. Data will be removed where it does not affect our legitimate interest or retention period to keep it.
How can you stop the use of your personal data for direct marketing.
- Click the ‘unsubscribe’ link in the email communication that we send you. You will then no longer receive emails from us.
Please note that you may still receive emails for a short period after your request as our systems are fully updated.
Contacting the Regulator
If you feel we have not handled your data correctly, or you are unhappy with the way we have dealt with any request regarding your data you have the right to lodge a complaint with the Information Commissioners Office.
If you are outside of the UK, you have right to lodge a complaint with the relevant data protection regulator in your country of residence.
Last Updated: 25th May 2018
If you have any further questions regarding security or privacy please feel free to contact us firstname.lastname@example.org